CVE-2022-40304: 
NixOS vulnerability analysis and mitigation

A vulnerability was discovered in libxml2 before version 2.10.3, identified as CVE-2022-40304. The issue involves invalid XML entity definitions that can corrupt a hash table key, which may lead to subsequent logic errors and in some cases can result in a double-free condition. This vulnerability was discovered and reported by Ned Williamson and Nathan Wachholz of Google Project Zero (CVE Details).

The vulnerability stems from a logic flaw in libxml2's XML entity cleanup function where reference cycles can cause XML entity data to be improperly stored. When certain invalid XML entity definitions are processed, they can corrupt hash table keys, potentially triggering subsequent logic errors. In one specific scenario, this corruption can lead to a double-free vulnerability (Debian Security). The vulnerability has been assigned a CVSS score of 7.8 (HIGH) with a vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NetApp Advisory).

The successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). In particular cases, it could allow remote users to cause unexpected application termination or arbitrary code execution (NetApp Advisory).

The vulnerability has been fixed in libxml2 version 2.10.3 and later. Various vendors have released patches for their affected products. For example, Apple has included fixes in iOS 15.7.2, iPadOS 15.7.2, macOS Monterey 12.6.2, and other OS versions. NetApp has also released patches for their affected products (Apple Security, NetApp Advisory).