Denial of Service Vulnerability in libxml2 by GNOME
CVE-2018-14567

6.5MEDIUM

Key Information:

Vendor: Xmlsoft
Status: Libxml2
Vendor: CVE Published:; 16 August 2018

What is CVE-2018-14567?

An issue in libxml2 allows remote attackers to trigger an infinite loop by crafting a specific XML file that invokes LZMA_MEMLIMIT_ERROR when the configuration flag --with-lzma is used. This can lead to service disruption as demonstrated by xmllint, marking it as a distinct vulnerability from previous CVEs.