vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-9049): libxml2 vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 18, 2017

Added

Sep 19, 2017

Modified

Mar 27, 2026

Description

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.

Solution

ubuntu-upgrade-libxml2

References

CVE-2017-9049
https://attackerkb.com/topics/CVE-2017-9049
CWE-125
DEBIAN-DSA-3952
EUVD-EUVD-2017-17989
NVD-CVE-2017-9049
UBUNTU-USN-3424-1
UBUNTU-USN-3424-2
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-17989

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report