Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2022-25315

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

Related bugs and status

CVE-2022-25315 (Candidate) is related to these bugs:

Bug #1963903: expat relax fix for CVE-2022-25236 and possible regressions

Summary				In	Importance	Status
	1963903	expat relax fix for CVE-2022-25236 and possible regressions		expat (Ubuntu)	Undecided	Fix Released

Bug #1969362: CVE-2021-45960 / CVE-2022-22822 / CVE-2022-22823 / CVE-2022-22824 / CVE-2022-23852 / CVE-2022-25235 / CVE-2022-25236 / CVE-2022-25315: expat multiple CVEs

Summary				In	Importance	Status
	1969362	CVE-2021-45960 / CVE-2022-22822 / CVE-2022-22823 / CVE-2022-22824 / CVE-2022-23852 / CVE-2022-25235 / CVE-2022-25236 / CVE-2022-25315: expat multiple CVEs		StarlingX	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/lib...
MLIST: [oss-security] 2022021...
DEBIAN: DSA-5085
FEDORA: FEDORA-2022-04f206996b
FEDORA: FEDORA-2022-3d9d67f558
CONFIRM: https://security.netap...
MLIST: [debian-lts-announce] ...
MISC: https://www.oracle.com...
CONFIRM: https://cert-portal.si...
GENTOO: GLSA-202209-24