CVE-2024-8176

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://access.redhat.com/errata/RHSA-2025:13681", "name": "RHSA-2025:13681", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:3531", "name": "RHSA-2025:3531", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:3734", "name": "RHSA-2025:3734", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:3913", "name": "RHSA-2025:3913", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:4048", "name": "RHSA-2025:4048", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:4446", "name": "RHSA-2025:4446", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:4447", "name": "RHSA-2025:4447", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:4448", "name": "RHSA-2025:4448", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:4449", "name": "RHSA-2025:4449", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:7444", "name": "RHSA-2025:7444", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:7512", "name": "RHSA-2025:7512", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/errata/RHSA-2025:8385", "name": "RHSA-2025:8385", "tags": [], "refsource": ""}, {"url": "https://access.redhat.com/security/cve/CVE-2024-8176", "name": "https://access.redhat.com/security/cve/CVE-2024-8176", "tags": [], "refsource": ""}, {"url": "https://github.com/libexpat/libexpat/issues/893", "name": "https://github.com/libexpat/libexpat/issues/893", "tags": [], "refsource": ""}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137", "name": "RHBZ#2310137", "tags": [], "refsource": ""}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1239618", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1239618", "tags": [], "refsource": ""}, {"url": "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52", "name": "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52", "tags": [], "refsource": ""}, {"url": "http://www.openwall.com/lists/oss-security/2025/03/15/1", "name": "http://www.openwall.com/lists/oss-security/2025/03/15/1", "tags": [], "refsource": ""}, {"url": "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53", "name": "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53", "tags": [], "refsource": ""}, {"url": "https://security.netapp.com/advisory/ntap-20250328-0009/", "name": "https://security.netapp.com/advisory/ntap-20250328-0009/", "tags": [], "refsource": ""}, {"url": "https://security-tracker.debian.org/tracker/CVE-2024-8176", "name": "https://security-tracker.debian.org/tracker/CVE-2024-8176", "tags": [], "refsource": ""}, {"url": "https://ubuntu.com/security/CVE-2024-8176", "name": "https://ubuntu.com/security/CVE-2024-8176", "tags": [], "refsource": ""}, {"url": "https://www.kb.cert.org/vuls/id/760160", "name": "https://www.kb.cert.org/vuls/id/760160", "tags": [], "refsource": ""}, {"url": "https://blog.hartwork.org/posts/expat-2-7-0-released/", "name": "https://blog.hartwork.org/posts/expat-2-7-0-released/", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-8176", "ASSIGNER": "secalert@redhat.com"}}, "impact": {}, "publishedDate": "2025-03-14T09:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-14T16:15Z"}