CVE-2025-6021
BaseFortify
Publication date: 2025-06-12
Last updated on: 2026-04-19
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| xmlsoft | libxml2 | to 2.14.4 (exc) |
| redhat | jboss_core_services | * |
| redhat | openshift_container_platform | 4.12 |
| redhat | openshift_container_platform | 4.13 |
| redhat | openshift_container_platform | 4.14 |
| redhat | openshift_container_platform | 4.15 |
| redhat | openshift_container_platform | 4.16 |
| redhat | openshift_container_platform | 4.17 |
| redhat | openshift_container_platform | 4.18 |
| redhat | openshift_container_platform_for_arm64 | 4.13 |
| redhat | openshift_container_platform_for_arm64 | 4.14 |
| redhat | openshift_container_platform_for_arm64 | 4.15 |
| redhat | openshift_container_platform_for_arm64 | 4.16 |
| redhat | openshift_container_platform_for_arm64 | 4.17 |
| redhat | openshift_container_platform_for_arm64 | 4.18 |
| redhat | openshift_container_platform_for_ibm_z | 4.13 |
| redhat | openshift_container_platform_for_ibm_z | 4.14 |
| redhat | openshift_container_platform_for_ibm_z | 4.15 |
| redhat | openshift_container_platform_for_ibm_z | 4.16 |
| redhat | openshift_container_platform_for_ibm_z | 4.17 |
| redhat | openshift_container_platform_for_ibm_z | 4.18 |
| redhat | openshift_container_platform_for_linuxone | 4.13 |
| redhat | openshift_container_platform_for_linuxone | 4.14 |
| redhat | openshift_container_platform_for_linuxone | 4.15 |
| redhat | openshift_container_platform_for_linuxone | 4.16 |
| redhat | openshift_container_platform_for_linuxone | 4.17 |
| redhat | openshift_container_platform_for_linuxone | 4.18 |
| redhat | openshift_container_platform_for_power | 4.13 |
| redhat | openshift_container_platform_for_power | 4.14 |
| redhat | openshift_container_platform_for_power | 4.15 |
| redhat | openshift_container_platform_for_power | 4.16 |
| redhat | openshift_container_platform_for_power | 4.17 |
| redhat | openshift_container_platform_for_power | 4.18 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_eus | 8.8 |
| redhat | enterprise_linux_eus | 9.4 |
| redhat | enterprise_linux_eus | 9.6 |
| redhat | enterprise_linux_eus | 10.0 |
| redhat | enterprise_linux_for_arm_64 | 8.0_aarch64 |
| redhat | enterprise_linux_for_arm_64 | 9.0_aarch64 |
| redhat | enterprise_linux_for_arm_64 | 9.4_aarch64 |
| redhat | enterprise_linux_for_arm_64 | 10.0_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.4_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.6_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 10.0_aarch64 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.4_s390x |
| redhat | enterprise_linux_for_ibm_z_systems | 10.0_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.0_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.4_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.6_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 10.0_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le |
| redhat | enterprise_linux_for_power_little_endian | 10.0_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.4_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.6_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 10.0_ppc64le |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | enterprise_linux_server_aus | 9.2 |
| redhat | enterprise_linux_server_aus | 9.4 |
| redhat | enterprise_linux_server_aus | 9.6 |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.4_ppc64le |
| redhat | enterprise_linux_server_tus | 8.8 |
| redhat | in-vehicle_operating_system | 1.0 |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
| CWE-190 | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an integer overflow in the libxml2 library's xmlBuildQName() function. It occurs because the lengths of XML name components are cast from size_t to int, causing incorrect length calculations when large values are involved. This leads to an integer overflow, which results in a stack-based buffer overflow when memcpy() is called with an excessively large size. This flaw can cause memory corruption or denial of service when processing crafted XML input. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can cause a denial of service by crashing the application processing the XML input. It may also lead to memory corruption, which could potentially be leveraged for further attacks depending on the context. The vulnerability is remotely exploitable if an attacker can control the XML content processed by the affected application. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should update libxml2 to a version that includes the fix for CVE-2025-6021. Avoid processing untrusted or crafted XML content that could trigger the integer overflow. Applying vendor patches or updates as soon as they become available is recommended to prevent exploitation. [1]