Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "expat", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "expat-dbgsym", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "lib64expat1", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "lib64expat1-dbgsym", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "lib64expat1-dev", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "libexpat1", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "libexpat1-dbgsym", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "libexpat1-dev", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "libexpat1-udeb", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" }, { "binary_name": "libexpat1-udeb-dbgsym", "binary_version": "2.1.0-7ubuntu0.16.04.5+esm6" } ] }