Libxml2 Use-After-Free Vulnerability in XML Schema Processing

Vulnerability

A use-after-free vulnerability has been identified in Libxml2 versions prior to 2.12.10, and in versions from 2.13.0 up to, but not including, 2.13.6. The issue occurs in the XML schema processing functions 'xmlSchemaIDCFillNodeTables' and 'xmlSchemaBubbleIDCNodeTables'. Exploitation requires validating a crafted XML document against an XML schema with specific identity constraints, or using a specially crafted XML schema.

Impact

Exploitation of this vulnerability could result in a use-after-free condition, leading to potential memory corruption.

Reproduction

The vulnerability can be reproduced by validating a crafted XML document against an XML schema that includes certain identity constraints. This can be done using the 'xmllint' command-line tool with the '--noout' and '--schema' options, followed by the path to the XML schema and the XML document.

Remediation

Users should upgrade to Libxml2 versions 2.12.10, 2.13.6, or 2.14.0 (upcoming).
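
To check a given libxml2 version against the ranges above, the following is an added example, not part of the original advisory. The function names are hypothetical; it relies on libxml2's packed version number (major*10000 + minor*100 + micro) as printed by 'xmllint --version'.

```shell
#!/bin/sh
# Added example: flag libxml2 builds inside the ranges this advisory lists as
# affected (before 2.12.10, and 2.13.0 up to but not including 2.13.6).
# Function names are hypothetical.

# Normalise "2.13.5" or libxml2's packed form "21305" (major*10000 +
# minor*100 + micro, as printed by xmllint) to the packed integer.
libxml2_pack() {
    case $1 in
        [0-9][0-9][0-9][0-9][0-9]*)      # packed, possibly with a suffix
            echo "${1%%[!0-9]*}" ;;
        [0-9]*.[0-9]*.[0-9]*)            # dotted, possibly with a distro suffix
            old_ifs=$IFS; IFS=.; set -f; set -- $1; set +f; IFS=$old_ifs
            major=${1%%[!0-9]*}; minor=${2%%[!0-9]*}; micro=${3%%[!0-9]*}
            [ -n "$major" ] && [ -n "$minor" ] && [ -n "$micro" ] || return 1
            echo $(( major * 10000 + minor * 100 + micro )) ;;
        *)  return 1 ;;
    esac
}

# Exit status: 0 = affected range, 1 = fixed release, 2 = version unreadable.
libxml2_is_affected() {
    packed=$(libxml2_pack "$1") || return 2
    [ "$packed" -lt 21210 ] && return 0                             # < 2.12.10
    [ "$packed" -ge 21300 ] && [ "$packed" -lt 21306 ] && return 0  # 2.13.0-2.13.5
    return 1
}

# Read the version the local xmllint is linked against; it prints
# "xmllint: using libxml version NNNNN" on stderr.
check_installed_xmllint() {
    ver=$(xmllint --version 2>&1 |
          sed -n 's/.*using libxml version \([0-9][0-9]*\).*/\1/p')
    rc=0; libxml2_is_affected "$ver" || rc=$?
    case $rc in
        0) echo "libxml2 $ver: affected, upgrade to 2.12.10, 2.13.6 or later" ;;
        1) echo "libxml2 $ver: outside the affected ranges" ;;
        *) echo "could not determine the libxml2 version" ;;
    esac
    return "$rc"
}

# Run against the local install only when asked: sh script.sh --check
if [ "${1:-}" = "--check" ]; then check_installed_xmllint; fi
```

Distribution packages often backport fixes without changing the upstream version number, so a hit on a packaged build should be confirmed against the vendor's own advisory.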

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.