Integer Overflow Vulnerability in Expat Affects libexpat
CVE-2021-46143

7.8HIGH

Key Information:

Vendor
Libexpat Project
Status
Libexpat
Vendor
CVE Published:
6 January 2022

Badges

👾 Exploit Exists🟡 Public PoC

Summary

In the xmlparse.c module of Expat, an integer overflow vulnerability was discovered before version 2.4.3. This issue arises due to improper handling of the m_groupSize variable, leading to potential security risks when processing XML data. Successful exploitation could allow attackers to manipulate programs using the library, resulting in unexpected behaviors or system crashes. Organizations using affected versions of libexpat should upgrade to the latest release to mitigate these risks and ensure safer XML parsing capabilities.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

external_expat_AOSP10_r33_CVE-2021-46143
Created by nanopathi

References

https://github.com/libexpat/libexpat/issues/532
x_refsource_MISC
https://github.com/libexpat/libexpat/pull/538
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2022/01/17/3
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.