CVE-2024-8176
Published: 14 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2024-8176 is a stack overflow vulnerability in the libexpat library, caused by improper handling of recursive entity expansion in XML documents. When parsing an XML document containing deeply nested entity references, libexpat recurses once per nesting level, so a sufficiently deep chain exhausts the stack and crashes the process. This issue affects the libexpat library, which is widely used in applications that process XML.
The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it is exploitable over the network with low complexity, no privileges or user interaction required. Any unauthenticated attacker can supply a specially crafted XML document to an affected application using vulnerable libexpat, resulting in denial of service through application crashes. In certain environments or usage scenarios, it may also enable exploitable memory corruption.
Red Hat advisories address this vulnerability through updated packages in errata RHSA-2025:13681, RHSA-2025:22033, RHSA-2025:22034, RHSA-2025:22035, and RHSA-2025:22607. Security practitioners should apply these patches promptly to mitigate the risk in Red Hat environments relying on libexpat.
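As an added example (not part of this advisory and not libexpat's own code), the following Python pre-parse gate uses the standard library's expat binding to read only a document's DTD, measure how deeply its internal entities reference one another, and reject documents above a threshold before a full parse is attempted. The threshold MAX_ENTITY_DEPTH, the function names and the sample document are assumptions made for this example.

```python
import re
import xml.parsers.expat as expat

MAX_ENTITY_DEPTH = 16                # policy threshold; an assumption made for this example
_REF = re.compile(r"&([^&;\s]+);")   # general entity references inside replacement text

class _DoctypeDone(Exception): pass  # raised from a handler so expat stops after the DTD

def collect_entities(xml_bytes: bytes) -> dict:
    """Map internal general entity names to their still-unexpanded replacement text."""
    decls = {}
    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if not is_param and value is not None:   # skip parameter and external entities
            decls[name] = value
    def on_end_doctype(): raise _DoctypeDone     # never let expat reach the content
    parser = expat.ParserCreate()
    parser.EntityDeclHandler = on_entity
    parser.EndDoctypeDeclHandler = on_end_doctype
    try:
        parser.Parse(xml_bytes, True)
    except _DoctypeDone:
        pass
    return decls

def max_entity_depth(decls: dict) -> int:
    # Longest chain of entity-to-entity references; a recursive chain counts as unbounded.
    memo = {}
    def depth(name, path):
        if name in memo:
            return memo[name]
        if name in path:                         # recursive reference: expansion never ends
            return 10 ** 9
        body = decls.get(name)
        if body is None:                         # predefined (&amp; ...) or undeclared: leaf
            return 1
        path.add(name)
        memo[name] = d = 1 + max((depth(r, path) for r in _REF.findall(body)), default=0)
        path.discard(name)
        return d
    return max((depth(n, set()) for n in decls), default=0)

def is_safe_to_parse(xml_bytes: bytes, limit: int = MAX_ENTITY_DEPTH) -> bool:
    try:
        return max_entity_depth(collect_entities(xml_bytes)) <= limit
    except expat.ExpatError:                     # malformed prolog: reject as well
        return False

# Constructed sample: a four-level chain d -> c -> b -> a, with b referencing a twice.
SAMPLE_CHAIN = b'<!DOCTYPE r [<!ENTITY a "leaf"><!ENTITY b "&a; &a;"><!ENTITY c "&b;"><!ENTITY d "&c;">]><r>&d;</r>'
```

Updating libexpat remains the fix; a gate like this only limits the exposure of a parser that cannot be patched yet.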
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The stack overflow caused by recursive XML entity expansion lets an adversary crash affected applications with a single crafted document, which maps to the application/system exploitation form of denial of service described above.