libxml2-2.9.1-6.6.0.5.el7.AXS7
エラータID: AXSA:2025-10894:16
リリース日:
2025/09/25 Thursday - 15:53
題名:
libxml2-2.9.1-6.6.0.5.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- libxml2 には、スタックベースのバッファオーバーフローが発生する
問題があるため、リモートの攻撃者により、サービス拒否攻撃を可能と
する脆弱性が存在します。(CVE-2025-6021)
- libxslt には、メモリ領域の解放後利用の問題があるため、ローカル
の攻撃者により、データ破壊、およびサービス拒否攻撃を可能とする
脆弱性が存在します。(CVE-2025-7425)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-6021
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- libxml2-2.9.1-6.6.0.5.el7.AXS7.i686.rpm
MD5: f6f8d48bd1f4519d0120716823043544
SHA-256: e96f3d1ced7399a0cec07e849bf2184ceb44b09be86c6f54666bca1dc6bfed1b
Size: 656.17 kB - libxml2-2.9.1-6.6.0.5.el7.AXS7.x86_64.rpm
MD5: e005948738ec7fcfef59da5f3405453a
SHA-256: e1da98811eba1095fcb8da3be4eef645a19cce303c22e8478bf0b8e787d8d4dd
Size: 669.79 kB - libxml2-devel-2.9.1-6.6.0.5.el7.AXS7.i686.rpm
MD5: d67fa6fcfb51c91f3686ba44899b3aac
SHA-256: d4512670461f1a4ff3434c484ace7f9c9b2d0c93af677175adfefb80a8d88f22
Size: 1.05 MB - libxml2-devel-2.9.1-6.6.0.5.el7.AXS7.x86_64.rpm
MD5: ffa25e11ec977b658238c80f578fdd2d
SHA-256: 4dbc46a802fb8585ab2f7cb8b0874e5dc8d73715857974adc57e5db9758a7cd0
Size: 1.05 MB - libxml2-python-2.9.1-6.6.0.5.el7.AXS7.x86_64.rpm
MD5: 56f5f620e285c56ebed805b6c32cd234
SHA-256: 9cfe6e58f25488ab003e1033dd04e6598efe6906fea25cb424e45993a872fd16
Size: 248.71 kB
English