製品・ソフトウェアに関する情報

JVN脆弱性詳細

libxml2 の parser.c の xmlParseXMLDecl 関数における重要な情報を取得される脆弱性

Title	libxml2 の parser.c の xmlParseXMLDecl 関数における重要な情報を取得される脆弱性
Summary	libxml2 の parser.c の xmlParseXMLDecl 関数には、重要な情報を取得される脆弱性が存在します。
Possible impacts	攻撃者により、(1) 終端のないエンコーディング値、または (2) XML データの不完全な XML 宣言を介して、out-of-bounds heap read を誘発されることで、重要な情報を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 29, 2015, midnight
Registration Date	Dec. 18, 2015, 11:26 a.m.
Last Update	Feb. 2, 2016, 4:20 p.m.

CVSS2.0 : 警告
Score	5
Vector	AV:N/AC:L/Au:N/C:P/I:N/A:N

Affected System

レッドハット

Red Hat Enterprise Linux Desktop (v. 6)

Red Hat Enterprise Linux HPC Node (v. 6)

Red Hat Enterprise Linux Server (v. 6)

Red Hat Enterprise Linux Server EUS (v. 6.7.z)

Red Hat Enterprise Linux Server (v. 6)

Red Hat Enterprise Linux Server EUS (v. 6.7.z)

Red Hat Enterprise Linux Workstation (v. 6)

Canonical

Ubuntu 12.04 LTS

Ubuntu 14.04 LTS

Ubuntu 15.04

Ubuntu 15.10

Ubuntu 12.04 LTS

Ubuntu 14.04 LTS

Ubuntu 15.04

Ubuntu 15.10

xmlsoft.org

libxml2 2.9.3 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-8317	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
2	CVE-2015-8317	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
National Vulnerability Database (NVD)
3	CVE-2015-8317	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8317
4	CVE-2015-8317	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8317

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html
2	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
GNOME Bugzilla
1	Bug 751603	https://bugzilla.gnome.org/show_bug.cgi?id=751603
2	Bug 751603	https://bugzilla.gnome.org/show_bug.cgi?id=751603
3	Bug 751631	https://bugzilla.gnome.org/show_bug.cgi?id=751631
4	Bug 751631	https://bugzilla.gnome.org/show_bug.cgi?id=751631
GNOME GIT REPOSITORY
5	Do not process encoding values if the declaration if broken	https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c
6	Do not process encoding values if the declaration if broken	https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c
7	Fail parsing early on if encoding conversion failed	https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
8	Fail parsing early on if encoding conversion failed	https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
Red Hat Bugzilla
9	Bug 1281930	https://bugzilla.redhat.com/show_bug.cgi?id=1281930
10	Bug 1281930	https://bugzilla.redhat.com/show_bug.cgi?id=1281930
Red Hat Security Advisory
11	RHSA-2015:2549	http://rhn.redhat.com/errata/RHSA-2015-2549.html
12	RHSA-2015:2549	http://rhn.redhat.com/errata/RHSA-2015-2549.html
Turbolinux Security Advisory
13	TLSA-2016-3	http://www.turbolinux.co.jp/security/2016/TLSA-2016-3j.html
14	TLSA-2016-3	http://www.turbolinux.co.jp/security/2016/TLSA-2016-3j.html
Ubuntu Security Notice
15	USN-2834-1	http://www.ubuntu.com/usn/USN-2834-1
16	USN-2834-1	http://www.ubuntu.com/usn/USN-2834-1

Change Log

No	Changed Details	Date of change
0	[2015年12月18日] 掲載 [2016年02月02日] ベンダ情報：ターボリナックス (TLSA-2016-3) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2015-8317

Summary	The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
Publication Date	Dec. 16, 2015, 6:59 a.m.
Registration Date	Jan. 26, 2021, 2:58 p.m.
Last Update	Nov. 21, 2024, 11:38 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:a:xmlsoft:libxml2::::::::			2.9.2

Configuration4	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*
cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
2	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
3	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
4	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
5	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
6	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
7	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
8	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
9	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
10	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
11	http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
12	http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
13	http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
14	http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
15	http://marc.info/?l=bugtraq&m=145382616617563&w=2	Third Party Advisory
16	http://marc.info/?l=bugtraq&m=145382616617563&w=2	Third Party Advisory
17	http://rhn.redhat.com/errata/RHSA-2015-2549.html	Third Party Advisory
18	http://rhn.redhat.com/errata/RHSA-2015-2549.html	Third Party Advisory
19	http://rhn.redhat.com/errata/RHSA-2016-1089.html
20	http://rhn.redhat.com/errata/RHSA-2016-1089.html
21	http://www.debian.org/security/2015/dsa-3430	Third Party Advisory
22	http://www.debian.org/security/2015/dsa-3430	Third Party Advisory
23	http://www.openwall.com/lists/oss-security/2015/11/21/1
24	http://www.openwall.com/lists/oss-security/2015/11/21/1
25	http://www.openwall.com/lists/oss-security/2015/11/22/3
26	http://www.openwall.com/lists/oss-security/2015/11/22/3
27	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
28	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
29	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
30	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
31	http://www.securityfocus.com/bid/77681
32	http://www.securityfocus.com/bid/77681
33	http://www.securityfocus.com/bid/91826
34	http://www.securityfocus.com/bid/91826
35	http://www.securitytracker.com/id/1034243
36	http://www.securitytracker.com/id/1034243
37	http://www.ubuntu.com/usn/USN-2834-1	Third Party Advisory
38	http://www.ubuntu.com/usn/USN-2834-1	Third Party Advisory
39	https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html
40	https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html
41	https://bugzilla.gnome.org/show_bug.cgi?id=751603	Issue Tracking
42	https://bugzilla.gnome.org/show_bug.cgi?id=751603	Issue Tracking
43	https://bugzilla.gnome.org/show_bug.cgi?id=751631	Exploit Issue Tracking
44	https://bugzilla.gnome.org/show_bug.cgi?id=751631	Exploit Issue Tracking
45	https://bugzilla.redhat.com/show_bug.cgi?id=1281930	Exploit Issue Tracking
46	https://bugzilla.redhat.com/show_bug.cgi?id=1281930	Exploit Issue Tracking
47	https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
48	https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
49	https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c
50	https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c
51	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172	Third Party Advisory
52	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172	Third Party Advisory
53	https://support.apple.com/HT206899
54	https://support.apple.com/HT206899
55	https://support.apple.com/HT206901
56	https://support.apple.com/HT206901
57	https://support.apple.com/HT206902
58	https://support.apple.com/HT206902
59	https://support.apple.com/HT206903
60	https://support.apple.com/HT206903
61	https://support.apple.com/HT206904
62	https://support.apple.com/HT206904
63	https://support.apple.com/HT206905
64	https://support.apple.com/HT206905

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html