CVE-2025-49796

Summary

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Affected Software

VendorProductVersion RangeStatus
0 < 2.15.0affected
Red HatRed Hat Enterprise Linux 100:2.12.5-7.el10_0 < *unaffected
Red HatRed Hat Enterprise Linux 7 Extended Lifecycle Support0:2.9.1-6.el7_9.10 < *unaffected
Red HatRed Hat Enterprise Linux 80:2.9.7-21.el8_10.1 < *unaffected
Red HatRed Hat Enterprise Linux 80:2.9.7-21.el8_10.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.2 Advanced Update Support0:2.9.7-9.el8_2.3 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support0:2.9.7-9.el8_4.6 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On0:2.9.7-9.el8_4.6 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support0:2.9.7-13.el8_6.10 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service0:2.9.7-13.el8_6.10 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions0:2.9.7-13.el8_6.10 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service0:2.9.7-16.el8_8.9 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions0:2.9.7-16.el8_8.9 < *unaffected
Red HatRed Hat Enterprise Linux 90:2.9.13-10.el9_6 < *unaffected
Red HatRed Hat Enterprise Linux 90:2.9.13-10.el9_6 < *unaffected
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions0:2.9.13-1.el9_0.5 < *unaffected
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions0:2.9.13-3.el9_2.7 < *unaffected
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support0:2.9.13-10.el9_4 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.12412.86.202510291903-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.13413.92.202510150118-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.14414.92.202510211419-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.17417.94.202510112152-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.18418.94.202510230424-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.194.19.9.6.202510140714-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.204.20.9.6.202509251656-0 < *unaffected
Red HatRed Hat Web Terminal 1.11 on RHEL 91.11-19 < *unaffected
Red HatRed Hat Web Terminal 1.11 on RHEL 91.11-8 < *unaffected
Red HatRed Hat Web Terminal 1.12 on RHEL 91.12-4 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-11 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-11 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-11 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-10 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-10 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-4 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-9 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-12 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-18 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-11 < *unaffected
Red HatRHOSS-1.36-RHEL-81.36.0-7 < *unaffected
Red Hatcert-manager operator for Red Hat OpenShift 1.16v1.16.5-1760515757 < *unaffected
Red HatOpenShift File Integrity Operator - FIO 1v1.3 < *unaffected
Red HatRed Hat Discovery 22.0.1-1754478727 < *unaffected
Red HatRed Hat Hardened Images2.15.2-0.3.hum1 < *unaffected
Red HatRed Hat Insights proxy 1.51.5.5-1754504343 < *unaffected

Weaknesses

  • CWE-125: Out-of-bounds Read

Workarounds

There's no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References