ГлавнаяУязвимости → CVE-2025-6021
7.5высокая

CVE-2025-6021

→ есть в БДУ: BDU:2025-07144 (на русском)
Описание (на английском; русское — в БДУ выше)

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Затрагиваемое ПО
Xmlsoft Libxml2Redhat Jboss core servicesRedhat Openshift container platformRedhat Openshift container platform for arm64Redhat Openshift container platform for ibm zRedhat Openshift container platform for linuxoneRedhat Openshift container platform for powerRedhat Enterprise linuxRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian eusRedhat Enterprise linux serverRedhat Enterprise linux server ausRedhat Enterprise linux server for power little endian update services for sap solutionsRedhat Enterprise linux server tusRedhat In-vehicle operating system
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://access.redhat.com/errata/RHSA-2025:10630https://access.redhat.com/errata/RHSA-2025:10698https://access.redhat.com/errata/RHSA-2025:10699https://access.redhat.com/errata/RHSA-2025:11580https://access.redhat.com/errata/RHSA-2025:11673https://access.redhat.com/errata/RHSA-2025:12098https://access.redhat.com/errata/RHSA-2025:12099https://access.redhat.com/errata/RHSA-2025:12199