Report
CVE-2022-40304: Dictionary Corruption via Entity Reference Cycles in libxml2 v2.9.14
29d67b0a-4520-4fca-8404-de0b193732bf
A logic bug in libxml2 v2.9.14 causes hash table (dictionary) corruption when crafted XML content triggers entity reference cycles combined with dictionary growth operations. The vulnerability occurs in the entity cleanup code path when entity->doc becomes NULL or the associated dictionary is freed/modified during parsing. This can lead to use-after-free, double-free, or memory corruption when freeing entity strings that are still owned by a dictionary but marked for independent deallocation.
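The ownership rule the summary turns on, as an added illustration that is not libxml2 code and not part of the original report: a toy interning dictionary, an entity whose strings are either interned or heap-allocated, and a cleanup routine that decides per string whether free() is permitted. Every name here (Dict, Entity, dict_owns, classify, the demo functions) is invented; the library's own types and functions differ. `demo_cleared_dict` models the report's "entity->doc becomes NULL" condition: cleanup loses its handle on the dictionary, so every interned string looks entity-owned and would be handed to free(); `demo_checked` shows the same cleanup with the ownership check intact.

```c
/* Constructed model of the dictionary-ownership rule behind the report above.
 * Not libxml2 code: every name below is invented for illustration. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ARENA_SIZE 256
/* Minimal interning dictionary: interned strings live in one arena that only
 * the dictionary may release. */
typedef struct { char arena[ARENA_SIZE]; size_t used; } Dict;

/* Entity strings are either interned (dictionary-owned) or heap-allocated
 * (entity-owned). `dict` is what cleanup consults; NULL models the report's
 * "entity->doc becomes NULL" condition. */
typedef struct { char *name; char *content; Dict *dict; } Entity;

typedef enum {
    FREE_OK,            /* heap string: entity owns it, free() is correct */
    FREE_SKIP_OWNED,    /* interned string: leave it to the dictionary    */
    FREE_WOULD_CORRUPT  /* interned, but cleanup no longer sees the dict  */
} Decision;

/* Intern s: return the existing copy if present, else append to the arena.
 * Returns NULL when full (a real dictionary would grow its storage here). */
char *dict_lookup(Dict *d, const char *s) {
    size_t len = strlen(s) + 1;
    for (size_t off = 0; off < d->used; off += strlen(d->arena + off) + 1)
        if (strcmp(d->arena + off, s) == 0) return d->arena + off;
    if (d->used + len > ARENA_SIZE) return NULL;
    char *p = memcpy(d->arena + d->used, s, len);
    d->used += len;
    return p;
}

/* Does p point into d's arena? The question a safe cleanup must ask before
 * handing any string to free(). */
int dict_owns(const Dict *d, const char *p) {
    if (d == NULL || p == NULL) return 0;
    uintptr_t base = (uintptr_t)d->arena, q = (uintptr_t)p;
    return q >= base && q < base + ARENA_SIZE;
}

/* Heap copy of s, so that the entity genuinely owns it. */
static char *dup_str(const char *s) {
    size_t len = strlen(s) + 1;
    char *p = malloc(len);
    return p ? memcpy(p, s, len) : NULL;
}

/* What cleanup does with one string. `truth` is the dictionary that really
 * holds the arena; it lets the model name the bad outcome instead of
 * executing it (free() on arena memory is undefined behaviour). */
Decision classify(const char *s, const Dict *known, const Dict *truth) {
    if (dict_owns(known, s)) return FREE_SKIP_OWNED;
    if (dict_owns(truth, s)) return FREE_WOULD_CORRUPT;
    return FREE_OK;
}

/* Hardened cleanup: release only strings the dictionary does not own. */
void entity_free(Entity *e, const Dict *d) {
    if (e->name && !dict_owns(d, e->name)) free(e->name);
    if (e->content && !dict_owns(d, e->content)) free(e->content);
    e->name = e->content = NULL;
}

/* Both strings interned, then the entity loses its dictionary handle:
 * returns how many strings cleanup would wrongly pass to free(). */
int demo_cleared_dict(void) {
    Dict d = {{0}, 0};
    Entity e = { dict_lookup(&d, "amp"), dict_lookup(&d, "&#38;"), &d };
    e.dict = NULL;   /* the report's "entity->doc becomes NULL" condition */
    int bad = 0;
    bad += classify(e.name, e.dict, &d) == FREE_WOULD_CORRUPT;
    bad += classify(e.content, e.dict, &d) == FREE_WOULD_CORRUPT;
    return bad;
}

/* Name interned, content heap-allocated, dictionary still known: returns the
 * number of wrong decisions, then frees only the heap string. */
int demo_checked(void) {
    Dict d = {{0}, 0};
    Entity e = { dict_lookup(&d, "amp"), dup_str("&#38;"), &d };
    int bad = 0;
    bad += classify(e.name, e.dict, &d) != FREE_SKIP_OWNED;
    bad += classify(e.content, e.dict, &d) != FREE_OK;
    entity_free(&e, e.dict);
    return bad;
}

/* Same text interns to the same pointer; ownership is judged by address. */
int demo_intern(void) {
    Dict d = {{0}, 0};
    char *a = dict_lookup(&d, "lt"), *b = dict_lookup(&d, "lt"), *h = dup_str("lt");
    int ok = (a == b) && dict_owns(&d, a) && !dict_owns(&d, h);
    free(h);
    return ok;
}
```

The point the model isolates is that a string's deallocation policy follows who owns its memory, not a flag carried by the entity: once the dictionary reference can disappear before the entity does, cleanup must either keep that reference alive or refuse to free anything it cannot prove is entity-owned. Under an address sanitizer the unsafe path shows up as an invalid free on interior arena memory, which is the observable symptom to look for when triaging crashes of this shape.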