Wind River Support Network

HomeDefectsLIN6-13233
Fixed

LIN6-13233 : Security Advisory - expat - CVE-2017-9233

Created: Jul 19, 2017    Updated: Dec 3, 2018
Resolved Date: Aug 21, 2017
Found In Version: 6.0.0.34
Fix Version: 6.0.0.35
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

An infinite loop vulnerability due to malformed XML in external entity was found in entityValueInitProcessor function affecting versions of Expat 2.2.0 and earlier.

Upstream patch:

https://github.com/libexpat/libexpat/commit/c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f

External References:

https://libexpat.github.io/doc/cve-2017-9233/

Other Downloads


Live chat
Online