------------------------------------------------------------------------- Debian LTS Advisory DLA-4251-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Guilhem Moulin July 26, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : libxml2 Version : 2.9.10+dfsg-6.7+deb11u8 CVE ID : CVE-2024-34459 CVE-2025-6021 CVE-2025-6170 CVE-2025-49794 CVE-2025-49796 Debian Bug : 1071162 1107720 1107755 1107938 Multiple security issues were found in libxml2, the GNOME XML library, which could yield to denial of service or potentially arbitrary code execution. CVE-2024-34459 Zhineng Zhong discovered that formatting error messages with `xmllint --htmlout` could result in a buffer over-read. CVE-2025-6021 Ahmed Lekssays discovered an integer overflow issue in `xmlBuildQName()` which could result in memory corruption or a denial of service when processing crafted input. CVE-2025-6170 Ahmed Lekssays discovered a stack-based buffer overflow issue in the command-parsing logic of the interactive shell in xmllint. CVE-2025-49794 Nikita Sveshnikov discovered a heap use-after-free issue in the schematron. When processing XPath expressions in Schematron schema elements `<sch:name path="…"/>`, a pointer to freed memory is returned and then accessed, leading to undefined behavior or potential crashes. CVE-2025-49796 Nikita Sveshnikov discovered a type confusion issue in the schematron. Processing `sch:name` elements and accessing namespace information may lead to leading to memory corruption or undefined behavior. For Debian 11 bullseye, these problems have been fixed in version 2.9.10+dfsg-6.7+deb11u8. We recommend that you upgrade your libxml2 packages. For the detailed security status of libxml2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libxml2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature