CVE-2024-8176: Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
First published: Thu Sep 05 2024(Updated: )
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Expat | ||
| debian/expat | <=2.2.10-2+deb11u5<=2.2.10-2+deb11u6<=2.5.0-1+deb12u1 | 2.7.1-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://blog.hartwork.org/posts/expat-2-7-0-released/
- https://github.com/libexpat/libexpat/issues/893
- https://github.com/libexpat/libexpat/pull/973
- https://gitlab.com/redhat/centos-stream/rpms/expat/-/blob/c9s/expat-2.5.0-CVE-2024-8176.patch
- https://security-tracker.debian.org/tracker/CVE-2024-8176
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8176
- https://nvd.nist.gov/vuln/detail/CVE-2024-8176
- https://launchpad.net/bugs/cve/CVE-2024-8176
- https://ubuntu.com/security/CVE-2024-8176
- https://access.redhat.com/errata/RHSA-2025:3531
- https://access.redhat.com/errata/RHSA-2025:3734
- https://access.redhat.com/errata/RHSA-2025:3913
- https://access.redhat.com/security/cve/CVE-2024-8176
- https://bugzilla.redhat.com/show_bug.cgi?id=2310137
- http://www.openwall.com/lists/oss-security/2025/03/15/1
- https://bugzilla.suse.com/show_bug.cgi?id=1239618
- https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52
- https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53
- https://security.netapp.com/advisory/ntap-20250328-0009/
- https://access.redhat.com/errata/RHSA-2025:4048
Frequently Asked Questions
What is the severity of CVE-2024-8176?
CVE-2024-8176 is classified as a high-severity vulnerability due to its potential to lead to a denial of service through stack overflow.
What software is affected by CVE-2024-8176?
CVE-2024-8176 affects the Expat libexpat library, particularly in its handling of XML documents.
How can I mitigate the risks associated with CVE-2024-8176?
To mitigate CVE-2024-8176, it is recommended to update to the latest version of libexpat, which addresses this vulnerability.
How does CVE-2024-8176 affect XML parsing?
CVE-2024-8176 allows malicious XML documents with deeply nested entity references to cause endless recursion, leading to stack exhaustion during parsing.
What is the cause of the vulnerability identified in CVE-2024-8176?
The vulnerability in CVE-2024-8176 is caused by improper handling of recursive entity expansion in the libexpat library.
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- collector/oss-sec
- source/oss-sec
- alias/CVE-2024-8176
- agent/trending
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/tags
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- vendor/expat
- canonical/expat
- package-manager/debian