CVE-2017-5029

Publication date 10 March 2017

Last updated 24 July 2024

Ubuntu priority

Cvss 3 Severity Score

The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
chromium-browser	17.04 zesty	Fixed 57.0.2987.98-0ubuntu1.1348
	16.10 yakkety	Fixed 57.0.2987.98-0ubuntu0.16.10.1344
	16.04 LTS xenial	Fixed 57.0.2987.98-0ubuntu0.16.04.1276
	14.04 LTS trusty	Fixed 58.0.3029.81-0ubuntu0.14.04.1172
	12.04 LTS precise	Ignored
libxslt	17.04 zesty	Fixed 1.1.29-2ubuntu0.1
	16.10 yakkety	Fixed 1.1.29-1ubuntu0.1
	16.04 LTS xenial	Fixed 1.1.28-2.1ubuntu0.1
	14.04 LTS trusty	Fixed 1.1.28-2ubuntu0.1
	12.04 LTS precise	Fixed 1.1.26-8ubuntu1.4
oxide-qt	17.04 zesty	Fixed 1.21.5-0ubuntu1
	16.10 yakkety	Fixed 1.21.5-0ubuntu0.16.10.1
	16.04 LTS xenial	Fixed 1.21.5-0ubuntu0.16.04.1
	14.04 LTS trusty	Fixed 1.21.5-0ubuntu0.14.04.1
	12.04 LTS precise	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libxslt	Upstream: ?id=08a

Severity score breakdown

Parameter	Value
Base score	8.8 · High
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	Required
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2017-5029

Cvss 3 Severity Score

Status

Patch details

Severity score breakdown

References

Related Ubuntu Security Notices (USN)

Other references