CVE-2024-56171
Published: 18 February 2025
Description
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.
Security Summary
CVE-2024-56171 is a use-after-free vulnerability (CWE-416) in the libxml2 library, affecting versions before 2.12.10 and 2.13.x before 2.13.6. The flaw resides in the functions xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables within xmlschemas.c. Exploitation occurs when processing crafted XML inputs during schema validation.
A local attacker with no privileges (PR:N) can exploit this vulnerability by supplying a crafted XML document for validation against an XML schema featuring specific identity constraints, or by providing a crafted XML schema. The attack requires high complexity (AC:H) and local access (AV:L) with no user interaction (UI:N). Successful exploitation yields high confidentiality and integrity impacts (C:H/I:H) with no availability impact (A:N) but changed scope (S:C), as reflected in the CVSS v3.1 base score of 7.8.
Advisories recommend upgrading to libxml2 2.12.10 or later in the 2.12 branch, or 2.13.6 or later in the 2.13 branch to mitigate the issue. Further technical details and discussion appear in the libxml2 GitLab issue (https://gitlab.gnome.org/GNOME/libxml2/-/issues/828) and full disclosure postings (http://seclists.org/fulldisclosure/2025/Apr/10, http://seclists.org/fulldisclosure/2025/Apr/11, http://seclists.org/fulldisclosure/2025/Apr/12, http://seclists.org/fulldisclosure/2025/Apr/13).
Details
- CWE(s)