Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.2-3ubuntu0.16.04.1~esm2", "binary_name": "libxmltok1" }, { "binary_version": "1.2-3ubuntu0.16.04.1~esm2", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-3ubuntu0.16.04.1~esm2", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.2-4ubuntu0.18.04.1~esm1", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.18.04.1~esm1", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.18.04.1~esm1", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.2-4ubuntu0.20.04.1~esm1", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.20.04.1~esm1", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.20.04.1~esm1", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.2-4ubuntu0.22.04.1~esm1", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.22.04.1~esm1", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.22.04.1~esm1", "binary_name": "libxmltok1-dev" } ] }