Description
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.
A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints, or when a crafted XML schema is used. This crashes the application linked to the library and results in a denial of service.
Statement
To exploit this issue, an attacker must be able to get an application linked to the libxml2 library to process a specially crafted XML file. The only security impact of this vulnerability is a denial of service.
Mitigation
Do not process untrusted files with the libxml2 library.
Affected packages
Platform | Package | State | Advisory | Release date |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | libxml2 | Out of support scope | | |
Red Hat Enterprise Linux 7 | libxml2 | Affected | | |
Red Hat JBoss Core Services | libxml2 | Affected | | |
Red Hat OpenShift Container Platform 4 | rhcos | Affected | | |
Red Hat Enterprise Linux 10 | libxml2 | Fixed | RHSA-2025:13429 | 07.08.2025 |
Red Hat Enterprise Linux 8 | libxml2 | Fixed | RHSA-2025:13203 | 06.08.2025 |
Red Hat Enterprise Linux 9 | libxml2 | Fixed | RHSA-2025:13428 | 07.08.2025 |
Additional information
CVSS3: 7.5 High