Wind River Support Network

HomeDefectsLIN9-4717
Fixed

LIN9-4717 : Security Advisory - expat - CVE-2017-9233

Created: Jul 21, 2017    Updated: Dec 3, 2018
Resolved Date: Aug 2, 2017
Previous ID: LIN6-13239
Found In Version: 9.0.0.8
Fix Version: 9.0.0.9
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

An infinite loop vulnerability due to malformed XML in external entity was found in entityValueInitProcessor function affecting versions of Expat 2.2.0 and earlier.

Upstream patch:

https://github.com/libexpat/libexpat/commit/c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f

External References:

https://libexpat.github.io/doc/cve-2017-9233/

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube