CERT Recently Published Vulnerability Notes

VU#760160: libexpat library is vulnerable to DoS attacks through stack overflow

A stack overflow vulnerability has been discovered in the libexpat open source library, which can be exploited to perform denial of service attacks or memory corruption attacks. The vulnerability is caused by libexpat's handling of recursive entity expansion, leading to indefinite recursion and eventual crashes. An attacker can exploit this vulnerability by providing a specially crafted XML document to software that uses libexpat. libexpat is a widely used library, employed by various software and companies. The vulnerability is tracked as CVE-2024-8176. A patch for the vulnerability has been provided in libexpat version 2.7.0. The patch can be verified using proof-of-concept generators. The vulnerability was originally discovered by Jann Horn of Google's Project Zero and reported by Sebastian Pipping, the maintainer of the project. Vendors can join the discussion on the vulnerability at the VINCE website. This vulnerability note was written by Christopher Cullen.
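To act on the fixed-version statement above, the following added example (not part of the CERT note or the libexpat project) checks upstream libexpat version strings against 2.7.0, including the copy linked into the running Python interpreter. The inventory names and versions are constructed sample data, and the check assumes upstream version numbering; distribution packages that backport the fix without changing the version would still be flagged and need a manual look.

```python
import re
import pyexpat  # CPython's binding to the libexpat it was built or linked against

# First libexpat release carrying the CVE-2024-8176 fix, per the note above.
FIXED = (2, 7, 0)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_expat_version(text):
    """Return (major, minor, micro) from strings such as 'expat_2.6.4' or '2.7.0'."""
    match = _VERSION_RE.search(text)
    if match is None:
        # Fail closed: an unreadable version must not be treated as patched.
        raise ValueError(f"unrecognised expat version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def needs_update(version_text):
    """True when the version predates the fixed release (numeric, not string, compare)."""
    return parse_expat_version(version_text) < FIXED


def audit(inventory):
    """Split {component: version string} into (below FIXED, unparseable), sorted by name."""
    flagged, unknown = [], []
    for name, version_text in sorted(inventory.items()):
        try:
            if needs_update(version_text):
                flagged.append(name)
        except ValueError:
            unknown.append(name)
    return flagged, unknown


# Constructed sample inventory; component names and versions are illustrative only.
SAMPLE_INVENTORY = {
    "build-agent": "expat_2.6.4",
    "api-gateway": "expat_2.7.0",
    "legacy-parser": "2.4.9",
    "edge-proxy": "expat_2.10.0",   # constructed to show why string comparison fails
    "vendor-appliance": "unknown",
}

if __name__ == "__main__":
    runtime = pyexpat.EXPAT_VERSION  # e.g. 'expat_2.6.4'
    print(f"this interpreter: {runtime} needs update: {needs_update(runtime)}")
    flagged, unknown = audit(SAMPLE_INVENTORY)
    print("below 2.7.0:", flagged)
    print("version unknown, verify manually:", unknown)
```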
kb.cert.org