CNNVD-202506-1657 Information
CNNVD ID
CNNVD-202506-1657
Related CVE
- CNNVD Published: 2025-06-12
Description (Chinese)
libxml2是GNOME开源的一个用来解析XML文档的函数库。它用C语言写成,并且能为多种语言所调用,例如C语言,C++,XSH。 libxml2存在安全漏洞,该漏洞源于xmlBuildQName函数中缓冲区大小计算的整数溢出可能导致栈缓冲区溢出,可能导致内存损坏或拒绝服务。
Description (English)
libxml2 is a function library for the analysis of XML documents from an open source of GNOME. It is written in C and can be called in many languages, such as C, C++, XSH. There is a security loophole in libxml2, which originates from the integer spill of the size of the buffer zone in the xmlBuildQ Name function, which could lead to a spill of the stowage buffer, which could lead to memory damage or denial of service.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GNOME
Published
2025-06-12
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-6021 https://bugzilla.redhat.com/show_bug.cgi?id=2372406 https://access.redhat.com/errata/RHSA-2025:14396 https://access.redhat.com/errata/RHSA-2025:14059 https://access.redhat.com/errata/RHSA-2025:13336 https://access.redhat.com/errata/RHSA-2025:13335 https://access.redhat.com/errata/RHSA-2025:13325 https://access.redhat.com/errata/RHSA-2025:13289 https://access.redhat.com/errata/RHSA-2025:13267 https://access.redhat.com/errata/RHSA-2025:12241 https://access.redhat.com/errata/RHSA-2025:12240 https://access.redhat.com/errata/RHSA-2025:12239 https://access.redhat.com/errata/RHSA-2025:12237 https://access.redhat.com/errata/RHSA-2025:12199 https://access.redhat.com/errata/RHSA-2025:12099 https://access.redhat.com/errata/RHSA-2025:12098 https://access.redhat.com/errata/RHSA-2025:11580 https://access.redhat.com/errata/RHSA-2025:10699 https://access.redhat.com/errata/RHSA-2025:10698 https://access.redhat.com/errata/RHSA-2025:10630 https://nvd.nist.gov/vuln/detail/CVE-2025-6021 https://www.oracle.com/security-alerts/cpujan2026.html https://vigilance.fr/vulnerability/libxml2-integer-overflow-via-xmlBuildQName-47429
Share on: