Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

About - K19473898: Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236

Sarovani
Cirrocumulus
Cirrocumulus

‎12-May-2022 02:01

Hi Experts , 

We have BigIP -LTM and ASM module . But how do I determine if we re using Expat Library ?Can someone please help me . 

 

 

Security Advisory Description

  • CVE-2022-23852

    Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

  • CVE-2022-25235

    xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

  • CVE-2022-25236

    xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

  • CVE-2022-25315

    In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

Impact

A remote attacker could send specially crafted XML which, when parsed by an application using the Expat library, would result in a buffer over-read and cause the application to stop responding.

Labels:
0 Kudos
1 REPLY 1

Jeffrey_Granier
F5 Employee
F5 Employee

‎02-Nov-2023 10:26

Hello,

If your running an TMOS code version thats impacted then it contains those Expat libraries:

 

Jeffrey_Granier_0-1698945933046.pngJeffrey_Granier_1-1698945951706.png

 

0 Kudos
Copyright © 2023 Khoros, LLC