CVE-2025-6170 log
Source |
|
Severity | Low |
Remote | Yes |
Type | Denial of service |
Description | A stack-based buffer overflow vulnerability exists in the command-parsing logic of the interactive shell in xmllint. An attacker can supply an overly long argument to any shell command, triggering an unbounded memory copy that overflows a fixed-size buffer on the stack. This leads to a reliable Denial of Service and could be leveraged for Arbitrary Code Execution on systems without exploit mitigations. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2898 | libxml2 | 2.14.4-1 | High | Vulnerable |
References |
---|
https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 |