[arch-security] [ASA-201606-14] lib32-expat: multiple issues
Levente Polyak
anthraxx at archlinux.org
Sun Jun 12 23:52:26 UTC 2016
Arch Linux Security Advisory ASA-201606-14
==========================================
Severity: Medium
Date : 2016-06-13
CVE-ID : CVE-2012-6702 CVE-2016-5300
Package : lib32-expat
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package lib32-expat before version 2.1.1-3 is vulnerable to
multiple issues including predictable random numbers and insufficient
hash entropy leading to denial of service.
Resolution
==========
Upgrade to 2.1.1-3.
# pacman -Syu "lib32-expat>=2.1.1-3"
The problems have been fixed upstream but no release is available yet.
Workaround
==========
None.
Description
===========
- CVE-2012-6702 (predictable random numbers)
It was found that when calling XML_Parse ahead of rand(), it causes the
pseudo random generator to generate non-random predictable numbers.
- CVE-2016-5300 (denial of service)
It was found that original fix for CVE-2012-0876 used too little
entropy for the hash initialization. This issue can be used to perform
a hash collision based denial of service attack.
Impact
======
A remote attacker is able to predict random numbers from the PRNG or
perform a hash based collision attack resulting in denial of service.
References
==========
https://access.redhat.com/security/cve/CVE-2012-6702
https://access.redhat.com/security/cve/CVE-2016-5300
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160613/b105b7a8/attachment.asc>
More information about the arch-security
mailing list