7.5

CVE-2025-6021

Medienbericht
Exploit

Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
XmlsoftLibxml2 Version < 2.14.4
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
RedhatEnterprise Linux Eus Version8.4
RedhatEnterprise Linux Eus Version8.6
RedhatEnterprise Linux Eus Version8.8
RedhatEnterprise Linux Eus Version9.4
RedhatEnterprise Linux Eus Version9.6
RedhatEnterprise Linux Eus Version10.0
RedhatEnterprise Linux For Arm 64 Version8.0_aarch64
RedhatEnterprise Linux For Arm 64 Version9.0_aarch64
RedhatEnterprise Linux For Arm 64 Version9.4_aarch64
RedhatEnterprise Linux For Arm 64 Version10.0_aarch64
RedhatEnterprise Linux For Arm 64 Eus Version9.4_aarch64
RedhatEnterprise Linux For Arm 64 Eus Version9.6_aarch64
RedhatEnterprise Linux For Arm 64 Eus Version10.0_aarch64
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.07% 0.604
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
09.08.2025 11:36
https://access.redhat.com/security/cve/CVE-2025-6021
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2372406
Issue Tracking
https://access.redhat.com/errata/RHSA-2025:10630
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:10698
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:10699
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:11580
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12098
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12099
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12199
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12239
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12240
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12241
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12237
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:13267
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:13335
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:13336
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:13325
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:13289
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:14059
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:14396
Third Party Advisory
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
Vendor Advisory
Exploit
Issue Tracking
https://access.redhat.com/errata/RHSA-2025:15308
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:15672
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:19020
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
https://access.redhat.com/errata/RHSA-2025:11673
https://access.redhat.com/errata/RHSA-2026:7519
https://cert-portal.siemens.com/productcert/html/ssa-032379.html