
CVE-2025-6021

Libxml2: integer overflow in xmlBuildQName() leads to stack buffer overflow in libxml2

Published: 6/12/2025
Last updated: 2/6/2026
Reserved: 6/12/2025

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749)
Requested by: n/a

Metrics

Version | Score | Severity | Vector String
3.1 | 7.5 | High | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Opam packages affected (5)

bap-llvm conf-gtksourceview conf-gtksourceview3 conf-librsvg2 lablgtk3-gtkspell3

Products affected (27)

Product | Vendor | Version
Red Hat Discovery 2 | Red Hat | < 398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1
Red Hat Insights proxy 1.5 | Red Hat | 3.4
Red Hat Enterprise Linux 7 Extended Lifecycle Support | Red Hat | <= 6.6.*
Red Hat Enterprise Linux 8 | Red Hat | <= 6.12.*
Red Hat Enterprise Linux 8 | Red Hat | <= 6.15.*
Red Hat Enterprise Linux 8.2 Advanced Update Support | Red Hat | <= *
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | Red Hat | < 8a4236456a3a402f6bb92aa7b75e7a3b4ef7a72c
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | Red Hat | < 0b202dfedb5aa2e7d07d849be33fa3a48c026926
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | Red Hat | < 21ca0bfa11bbb9a9207f5d2104f47d3d71b4616e
Red Hat Enterprise Linux 8.8 Telecommunications Update Service | Red Hat | < d6a9fb87e9d18f3394a9845546bbe868efdccfd2
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | Red Hat | 5.15
Red Hat Enterprise Linux 9 | Red Hat | < 5.15
Red Hat Enterprise Linux 9 | Red Hat | <= 5.15.*
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | Red Hat | <= 6.0.*
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | Red Hat | <= 6.1.*
Red Hat Enterprise Linux 9.4 Extended Update Support | Red Hat | <= *
Red Hat Enterprise Linux 6 | Red Hat | < 3.4
Red Hat Enterprise Linux 10 | Red Hat | < 6.3
e91802036b3e6e6e803a17ddf5783a6354fe5380
Red Hat OpenShift Container Platform 4.15 | Red Hat | < 387435f4833f97aabfd74434ee526e31e8a626ea
Red Hat OpenShift Container Platform 4.16 | Red Hat | < 46b3a7a3a36d5833f14914d1b95c69d28c6a76d6
Red Hat OpenShift Container Platform 4.17 | Red Hat | < 9b0b3b5e5cae95e09bf0ae4a9bcb58d9b6d57f87
Red Hat OpenShift Container Platform 4.18 | Red Hat | < 96d6605bf0561d6e568b1dd9265a0f73b5b94f51
Red Hat OpenShift Container Platform 4.19 | Red Hat | < 30ef45b89a5961cdecf907ecff1ef3374d1de510
Red Hat OpenShift Container Platform 4.13 | Red Hat | < 75a3bdfeed2f129a2c7d9fd7779382b78e35b014
Red Hat OpenShift Container Platform 4.12 | Red Hat | < b28c1a14accc79ead1e87bbdae53309da60be1e7
Red Hat OpenShift Container Platform 4.14 | Red Hat | < 2499b0ac908eefbb8a217aae609b7a5b5174f330

References (52)

Credits (2)