libxml2-2.9.13-14.el9_7
エラータID: AXSA:2025-11552:17
リリース日:
2025/12/18 Thursday - 16:03
題名:
libxml2-2.9.13-14.el9_7
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libxml2 には、 無限ループの発生に至る問題があるため、ローカル
の攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2025-9714)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
追加情報:
N/A
ダウンロード:
SRPMS
- libxml2-2.9.13-14.el9_7.src.rpm
MD5: 1365523f34970434daa55870d1bf7113
SHA-256: 960f1a27f9ab3fa0bb8d4424defdac58f42a81316304435ee09be458142e4fe7
Size: 3.14 MB
Asianux Server 9 for x86_64
- libxml2-2.9.13-14.el9_7.i686.rpm
MD5: 6836bb8787b357bbaaffffebd2d25ae4
SHA-256: 041aa62bbb12a2dd36866b40f3101c39fc291f21feaed01ed611b800e0248570
Size: 784.13 kB - libxml2-2.9.13-14.el9_7.x86_64.rpm
MD5: c51c62692c6a0db8be69d7518a5c2b64
SHA-256: 80fa92533eb27b7793f923553c6a0880ed1ff26c6527c947a79f55ab4cd0f719
Size: 745.81 kB - libxml2-devel-2.9.13-14.el9_7.i686.rpm
MD5: 2cfd55939d3ec4e5c034983f8c5f0601
SHA-256: 06530f9876df46de117838d54870214e9504d45b974f86d59a29df688dbf3d3a
Size: 900.15 kB - libxml2-devel-2.9.13-14.el9_7.x86_64.rpm
MD5: bbffb57239cb97aa13bd72ce8e50b097
SHA-256: 48cc6d4f574caef03b5a636c1d62a878a0ce073ded854673542a703416fb9e41
Size: 900.23 kB - python3-libxml2-2.9.13-14.el9_7.x86_64.rpm
MD5: 6f6b5a487138808cbd686334ef4c9e45
SHA-256: 2ffbc5a39052b7ed2c89debbcbf9cd3d99b6613c53aabdc532bfeebe319a9d2d
Size: 224.83 kB
English