CVE-2025-49794Expired Pointer Dereference in Libxml2

CWE-825Expired Pointer Dereference11 documents9 sources
Severity
9.1CRITICALNVD
EPSS
0.4%
top 36.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Xmlsoft Libxml2NokogiriDebian Libxml2+3 more
Timeline
PublishedJun 16
Latest updateAug 14

Description

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages7 packages

debiandebian/libxml2< libxml2 2.9.14+dfsg-1.3~deb12u3 (bookworm)
Debianxmlsoft/libxml2< 2.9.10+dfsg-6.7+deb11u8+3
Ubuntuxmlsoft/libxml2< 2.9.13+dfsg-1ubuntu0.8+5

🔴Vulnerability Details

5
OSV
libxml2 vulnerabilities2025-08-14
OSV
Nokogiri patches vendored libxml2 to resolve multiple CVEs2025-07-21
GHSA
Nokogiri patches vendored libxml2 to resolve multiple CVEs2025-07-21
OSV
CVE-2025-49794: A use-after-free vulnerability was found in libxml22025-06-16
GHSA
GHSA-qg4c-8pj4-qgw2: A use-after-free vulnerability was found in libxml22025-06-16

📋Vendor Advisories

4
Ubuntu
libxml2 vulnerabilities2025-08-14
Red Hat
libxml: Heap use after free (UAF) leads to Denial of service (DoS)2025-06-10
Microsoft
Libxml: heap use after free (uaf) leads to denial of service (dos)2025-06-10
Debian
CVE-2025-49794: libxml2 - A use-after-free vulnerability was found in libxml2. This issue occurs when pars...2025

💬Community

1
Bugzilla
CVE-2025-49794 libxml: Heap use after free (UAF) leads to Denial of service (DoS)2025-06-12