CVE-2025-24855
Published: 14 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24855 is a use-after-free vulnerability (CWE-416) in the numbers.c component of libxslt versions prior to 1.1.43. It arises during nested XPath evaluations, where an XPath context node can be modified but is never restored, affecting functions such as xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. The vulnerability carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H.
A local attacker can exploit this vulnerability with high attack complexity, requiring no privileges or user interaction. Successful exploitation changes scope and results in high impacts to integrity and availability, though confidentiality is unaffected.
Mitigation details are available in advisories such as the GNOME libxslt GitLab issue at https://gitlab.gnome.org/GNOME/libxslt/-/issues/128 and the Debian LTS announcement at https://lists.debian.org/debian-lts-announce/2025/03/msg00015.html, published around the CVE disclosure on 2025-03-14.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local use-after-free in libxslt with no privileges required, high attack complexity, scope change, and high integrity impact directly enables exploitation for privilege escalation.