CVE-2024-50602: 
Rocky Linux vulnerability analysis and mitigation

A security vulnerability (CVE-2024-50602) was discovered in libexpat versions before 2.6.4. The vulnerability involves a crash within the XMLResumeParser function due to XMLStopParser's ability to stop or suspend an unstarted parser (NVD, Debian Tracker).

The vulnerability occurs when XMLStopParser attempts to stop or suspend a parser that hasn't been started, leading to a NULL pointer dereference in the normalupdatePosition function. This results in a crash with AddressSanitizer reporting a SEGV on an unknown address, specifically a READ memory access pointing to the zero page (GitHub PR). The vulnerability has been assigned a CVSS 3.1 Base Score of 5.9 (Medium) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a crash of applications using the affected libexpat versions, potentially causing denial of service when processing XML data (NVD). This affects various systems and applications that depend on libexpat for XML parsing functionality.

The vulnerability has been fixed in libexpat version 2.6.4. Users should upgrade to this version or apply the available patches. For Python users specifically, the fix is available in Python versions 3.13.1, 3.12.8, 3.11.11, 3.10.16, and 3.9.21, which include the updated libexpat (GitHub PR).