---

CVE-2025-6170 - log back

CVE-2025-6170 created at 18 Jun 2025 23:47:55
Severity	+ Low
Remote	+ Remote
Type	+ Denial of service
Description	+ A stack-based buffer overflow vulnerability exists in the command-parsing logic of the interactive shell in xmllint. An attacker can supply an overly long argument to any shell command, triggering an unbounded memory copy that overflows a fixed-size buffer on the stack. This leads to a reliable Denial of Service and could be leveraged for Arbitrary Code Execution on systems without exploit mitigations.
References	+ https://gitlab.gnome.org/GNOME/libxml2/-/issues/941
Notes