CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:13681
https://access.redhat.com/errata/RHSA-2025:3531
https://access.redhat.com/errata/RHSA-2025:3734
https://access.redhat.com/errata/RHSA-2025:3913
https://access.redhat.com/errata/RHSA-2025:4048
https://access.redhat.com/errata/RHSA-2025:4446
https://access.redhat.com/errata/RHSA-2025:4447
https://access.redhat.com/errata/RHSA-2025:4448
https://access.redhat.com/errata/RHSA-2025:4449
https://access.redhat.com/errata/RHSA-2025:7444
https://access.redhat.com/errata/RHSA-2025:7512
https://access.redhat.com/errata/RHSA-2025:8385
https://access.redhat.com/security/cve/CVE-2024-8176
https://bugzilla.redhat.com/show_bug.cgi?id=2310137
https://github.com/libexpat/libexpat/issues/893
http://seclists.org/fulldisclosure/2025/May/10
http://seclists.org/fulldisclosure/2025/May/11
http://seclists.org/fulldisclosure/2025/May/12
http://seclists.org/fulldisclosure/2025/May/6
http://seclists.org/fulldisclosure/2025/May/7
http://seclists.org/fulldisclosure/2025/May/8
http://www.openwall.com/lists/oss-security/2025/03/15/1
http://www.openwall.com/lists/oss-security/2025/09/24/11
https://blog.hartwork.org/posts/expat-2-7-0-released/
https://bugzilla.suse.com/show_bug.cgi?id=1239618
https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52
https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53
https://security-tracker.debian.org/tracker/CVE-2024-8176
https://security.netapp.com/advisory/ntap-20250328-0009/
https://ubuntu.com/security/CVE-2024-8176
https://www.kb.cert.org/vuls/id/760160

Configurations

No configuration.

History

04 Nov 2025, 22:16

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2025/09/24/11 -

03 Nov 2025, 20:17

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/May/10 - () http://seclists.org/fulldisclosure/2025/May/11 - () http://seclists.org/fulldisclosure/2025/May/12 - () http://seclists.org/fulldisclosure/2025/May/6 - () http://seclists.org/fulldisclosure/2025/May/7 - () http://seclists.org/fulldisclosure/2025/May/8 -

14 Aug 2025, 16:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:13681 -

02 Jun 2025, 15:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:8385 -

13 May 2025, 23:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:7444 - () https://access.redhat.com/errata/RHSA-2025:7512 -

09 May 2025, 14:15

Type	Values Removed	Values Added
References		() https://www.kb.cert.org/vuls/id/760160 -

05 May 2025, 08:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:4446 - () https://access.redhat.com/errata/RHSA-2025:4448 - () https://access.redhat.com/errata/RHSA-2025:4449 -

05 May 2025, 03:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:4447 -

23 Apr 2025, 12:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:4048 -

15 Apr 2025, 17:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:3913 -

09 Apr 2025, 08:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:3734 -

02 Apr 2025, 15:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:3531 -

28 Mar 2025, 15:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20250328-0009/ -

17 Mar 2025, 17:15

Type	Values Removed	Values Added
References		() https://blog.hartwork.org/posts/expat-2-7-0-released/ - () https://bugzilla.suse.com/show_bug.cgi?id=1239618 - () https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52 - () https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53 - () https://security-tracker.debian.org/tracker/CVE-2024-8176 - () https://ubuntu.com/security/CVE-2024-8176 -

15 Mar 2025, 19:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2025/03/15/1 -
Summary		(es) Existe una vulnerabilidad de desbordamiento de pila en la librería libexpat debido a la forma en que gestiona la expansión recursiva de entidades en documentos XML. Al analizar un documento XML con referencias a entidades profundamente anidadas, libexpat puede verse forzado a recurrir indefinidamente, agotando el espacio de pila y provocando un bloqueo. Este problema podría provocar una denegación de servicio (DoS) o, en algunos casos, una corrupción de memoria explotable, según el entorno y el uso de la librería.

14 Mar 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-14 09:15

Updated : 2025-11-04 22:16

NVD link : CVE-2024-8176

Mitre link : CVE-2024-8176

CVE.ORG link : CVE-2024-8176

JSON object : View

Products Affected

No product.

CWE

CWE-674

Uncontrolled Recursion

7.5 /10