Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 2253716 (CVE-2021-42260) - CVE-2021-42260 tinyxml: infinite loop causes crash
Summary: CVE-2021-42260 tinyxml: infinite loop causes crash
Keywords:
Status: NEW
Alias: CVE-2021-42260
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2253717 2253718
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-12-09 00:37 UTC by Nick Tait
Modified: 2023-12-09 00:37 UTC (History)
0 users

Fixed In Version: tinyxml 2.6.2
Doc Type: ---
Doc Text:
A vulnerability was discovered in the TinyXML package, specifically the tinyxmlparser module. A crafted XML message could cause a crash and therefore an opportunity for a denial of service attack.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Nick Tait 2023-12-09 00:37:10 UTC
From the description on MITRE's CVE page:
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.

Comment 1 Nick Tait 2023-12-09 00:37:35 UTC
Created tinyxml tracking bugs for this issue:

Affects: epel-all [bug 2253717]
Affects: fedora-all [bug 2253718]


Note You need to log in before you can comment on or make changes to this bug.