High severity8.8NVD Advisory· Published Jul 23, 2016· Updated Jun 17, 2026
CVE-2016-5131
CVE-2016-5131
Description
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
44cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
- osv-coords25 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ruby3.2-rubygem-nokogiri&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/rubygem-nokogiri&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/libxml2-python&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/libxml2-python&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-libxml2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 55.0.2883.75-3.1+ 24 more
- (no CPE)range: < 55.0.2883.75-3.1
- (no CPE)range: < 1.13.9-1.7
- (no CPE)range: < 1.13.3-1.1
- (no CPE)range: < 52.0.2743.82-89.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.7.6-0.77.10.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.7.6-0.77.10.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.7.6-0.77.10.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.7.6-0.77.10.1
- (no CPE)range: < 2.7.6-0.77.10.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
- (no CPE)range: < 2.9.4-46.12.1
Patches
Vulnerability mechanics
References
25- googlechromereleases.blogspot.com/2016/07/stable-channel-update.htmlnvd
- lists.apple.com/archives/security-announce/2016/Sep/msg00006.htmlnvd
- lists.apple.com/archives/security-announce/2016/Sep/msg00008.htmlnvd
- lists.apple.com/archives/security-announce/2016/Sep/msg00010.htmlnvd
- lists.apple.com/archives/security-announce/2016/Sep/msg00011.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-1485.htmlnvd
- www.debian.org/security/2016/dsa-3637nvd
- www.securityfocus.com/bid/92053nvd
- www.securitytracker.com/id/1036428nvd
- www.securitytracker.com/id/1038623nvd
- www.ubuntu.com/usn/USN-3041-1nvd
- bugzilla.redhat.com/show_bug.cginvd
- codereview.chromium.org/2127493002nvd
- crbug.com/623378nvd
- security.gentoo.org/glsa/201610-09nvd
- security.gentoo.org/glsa/201701-37nvd
- source.android.com/security/bulletin/2017-05-01nvd
- support.apple.com/HT207141nvd
- support.apple.com/HT207142nvd
- support.apple.com/HT207143nvd
- support.apple.com/HT207170nvd
News mentions
0No linked articles in our index yet.