CVE-2016-5131

Priority
Medium
Description
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google
Chrome before 52.0.2743.82, allows remote attackers to cause a denial of
service or possibly have unspecified other impact via vectors related to
the XPointer range-to function.
References
Bugs
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):released (2.7.8.dfsg-5.1ubuntu4.17)
Ubuntu 14.04 LTS (Trusty Tahr):released (2.9.1+dfsg1-3ubuntu4.9)
Ubuntu Touch 15.04:needed
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.9.3+dfsg1-1ubuntu0.2)
Ubuntu 16.10 (Yakkety Yak):released (2.9.4+dfsg1-2ubuntu0.1)
Ubuntu 17.04 (Zesty Zapus):not-affected (2.9.4+dfsg1-2.2)
Patches:
Upstream:https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
Upstream:https://git.gnome.org/browse/libxml2/commit/?id=a005199330b86dada19d162cae15ef9bdcb6baa8
Package
Upstream:released (52.0.2743.82)
Ubuntu 12.04 LTS (Precise Pangolin):ignored
Ubuntu 14.04 LTS (Trusty Tahr):released (52.0.2743.116-0ubuntu0.14.04.1.1134)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.2743.116-0ubuntu0.16.04.1.1250)
Ubuntu 16.10 (Yakkety Yak):released (53.0.2785.143-0ubuntu1.1307)
Ubuntu 17.04 (Zesty Zapus):released (53.0.2785.143-0ubuntu1.1307)
Patches:
Upstream:https://codereview.chromium.org/2127493002
Package
Upstream:released (1.16.5)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1.16.5-0ubuntu0.14.04.1)
Ubuntu Touch 15.04:released (1.17.9-0ubuntu0.15.04.1~overlay2)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.16.5-0ubuntu0.16.04.1)
Ubuntu 16.10 (Yakkety Yak):released (1.16.7-0ubuntu1)
Ubuntu 17.04 (Zesty Zapus):released (1.16.7-0ubuntu1)
More Information

Updated: 2017-03-16 12:14:15 UTC (commit 12262)