CVE-2025-24928
Published: 18 February 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24928 is a stack-based buffer overflow in the xmlSnprintfElements function within valid.c of libxml2. It affects libxml2 versions before 2.12.10 and 2.13.x before 2.13.6. Exploitation requires DTD validation to occur for an untrusted document or untrusted DTD. The vulnerability is classified as CWE-121 (stack-based buffer overflow) with a CVSS v3.1 base score of 7.8 (AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N). It is similar to CVE-2017-9047.
A local attacker with no privileges can exploit this vulnerability; the attack complexity is high, and no user interaction is required. Successful exploitation can result in high confidentiality and integrity impacts with a changed scope, potentially enabling code execution or data tampering during XML processing that involves DTD validation.
Advisories recommend upgrading to libxml2 2.12.10 or later (for the 2.12 branch) or 2.13.6 or later (for the 2.13 branch). The libxml2 GitLab issue at https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 tracks the fix, while OSS-Fuzz issue https://issues.oss-fuzz.com/issues/392687022 documents the discovery. Debian LTS announcement https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html provides patches for affected Debian versions, and NetApp advisory https://security.netapp.com/advisory/ntap-20250321-0006/ covers mitigation in NetApp products.
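The two facts a defender needs from the summary above are the fixed versions (2.12.10 for the 2.12 branch, 2.13.6 for the 2.13 branch) and the precondition that DTD validation must run against untrusted input. The following script is an added example, not part of this record or of libxml2 itself; it encodes the affected ranges exactly as the advisory states them, parses the version string printed by `pkg-config --modversion libxml-2.0` or `xml2-config --version` (both real commands, with constructed sample output used here so the block runs offline), and combines the result with whether the application validates untrusted documents against a DTD. The function names and the `assess` result strings are assumptions of this example.

```python
import re
import subprocess
from typing import Optional, Tuple

# Fixed versions as stated in the advisory: 2.12.10 for the 2.12 branch,
# 2.13.6 for the 2.13 branch.  Everything below 2.12.10 (which includes
# older branches such as 2.9.x and 2.11.x) is listed as affected.
FIXED_2_12 = (2, 12, 10)
FIXED_2_13 = (2, 13, 6)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract the first x.y.z triple from tool output such as
    'pkg-config --modversion libxml-2.0' or 'xml2-config --version'."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(p) for p in m.groups())
    return (major, minor, patch)


def is_affected(version) -> Optional[bool]:
    """True if the version falls in an affected range, False if fixed,
    None if the string carried no recognisable version."""
    v = parse_version(version) if isinstance(version, str) else version
    if v is None:
        return None
    if v[:2] == (2, 13):          # 2.13.x is fixed from 2.13.6
        return v < FIXED_2_13
    return v < FIXED_2_12          # everything else: fixed from 2.12.10


def installed_libxml2_version() -> Optional[str]:
    """Ask the local toolchain for the installed libxml2 version.
    Returns None if neither helper is available (hypothetical host check)."""
    for cmd in (["pkg-config", "--modversion", "libxml-2.0"],
                ["xml2-config", "--version"]):
        try:
            out = subprocess.run(cmd, capture_output=True, text=True,
                                 check=True).stdout
        except (OSError, subprocess.CalledProcessError):
            continue
        if parse_version(out):
            return out.strip()
    return None


def assess(version_text: Optional[str], validates_untrusted_dtd: bool) -> str:
    """Combine the build status with the exploitation precondition from the
    advisory: a vulnerable build is only exposed if the application performs
    DTD validation on untrusted documents or untrusted DTDs."""
    affected = is_affected(version_text) if version_text else None
    if affected is None:
        return "unknown"
    if not affected:
        return "patched"
    return "exposed" if validates_untrusted_dtd else "affected-but-not-exposed"


if __name__ == "__main__":
    # Constructed sample output, as pkg-config/xml2-config would print it.
    sample_output = "2.13.5\n"
    print(sample_output.strip(), "->", assess(sample_output, True))
    live = installed_libxml2_version()
    print("installed:", live, "->", assess(live, validates_untrusted_dtd=False))
```

Set `validates_untrusted_dtd` from how the parser is actually configured: in the C API that means passing `XML_PARSE_DTDVALID` to functions such as `xmlReadMemory`, and in lxml it means `XMLParser(dtd_validation=True)`; an application that only parses without validating still needs the upgrade, but does not meet the precondition the advisory describes.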
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The local stack-based buffer overflow in libxml2 (exploitable with no privileges) can lead to code execution with changed scope and high confidentiality and integrity impact during DTD validation, which maps directly to Exploitation for Privilege Escalation.