libxml2-2.9.7-21.el8_10.4
エラータID: AXSA:2026-525:01
リリース日:
2026/05/04 Monday - 10:28
題名:
libxml2-2.9.7-21.el8_10.4
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libxml2 には、 無限ループの発生に至る問題があるため、ローカル
の攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2025-9714)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
追加情報:
N/A
ダウンロード:
SRPMS
- libxml2-2.9.7-21.el8_10.4.src.rpm
MD5: d3beaf312c66b70282a68267d8c1ad27
SHA-256: 1c6b2563f853ac5ef1f1573c0bfc81b7cbe6a8af7c296d427ea20fe9bc370cef
Size: 5.25 MB
Asianux Server 8 for x86_64
- libxml2-2.9.7-21.el8_10.4.i686.rpm
MD5: 0754b36e688184a2ed8fe54a0e615fc6
SHA-256: f889dc5835e40c236c82122e0b167e17da806e2d594fd9444ef0a34bfbc8a218
Size: 742.34 kB - libxml2-2.9.7-21.el8_10.4.x86_64.rpm
MD5: 810080cc8a3ff7221dc61a21f2a9826c
SHA-256: 18c1e349007cb975bc4b8054ac94ab99ec133587603dd2b840a57816bb24ae54
Size: 697.21 kB - libxml2-devel-2.9.7-21.el8_10.4.i686.rpm
MD5: 2b2dfe444bd038c8c3926c8893e598e5
SHA-256: 06f4207e7cc5594786b25d489805f7b169ed737959f9f4d33a6b6e811eb05436
Size: 1.04 MB - libxml2-devel-2.9.7-21.el8_10.4.x86_64.rpm
MD5: 4d62d35df0f949b65e2dd53a34239c57
SHA-256: 386d2644d7c12b9334a305470b329ebc62a1c0b9280f40fd194deb8acf3ef12e
Size: 1.04 MB - python3-libxml2-2.9.7-21.el8_10.4.x86_64.rpm
MD5: f8e3efe7b492ced36bec5a84d3b3c1b2
SHA-256: 5e2750e8590257378adc904a1d86964a0a297e11703e380d3ab9f342db76df3e
Size: 237.62 kB
English