Description

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

INFO

Published Date :

2025-06-12T12:49:16.157Z

Last Modified :

2026-03-24T11:28:32.594Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-6021 vulnerability.

Vendors Products
Redhat
  • Discovery
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Arm 64 Eus
  • Enterprise Linux For Ibm Z Systems
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server
  • Enterprise Linux Server Aus
  • Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
  • Enterprise Linux Server Tus
  • In-vehicle Operating System
  • Insights Proxy
  • Jboss Core Services
  • Openshift
  • Openshift Container Platform
  • Openshift Container Platform For Arm64
  • Openshift Container Platform For Ibm Z
  • Openshift Container Platform For Linuxone
  • Openshift Container Platform For Power
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Eus Long Life
  • Rhel Tus
Xmlsoft
  • Libxml2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-6021.

URL Resource
https://access.redhat.com/errata/RHSA-2025:10630 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:10698 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:10699 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:11580 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:11673 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12098 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12099 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12199 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12237 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12239 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12240 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:12241 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:13267 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:13289 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:13325 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:13335 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:13336 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:14059 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:14396 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:15308 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:15672 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:19020 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-6021 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2372406 cve-icon cve-icon
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-6021 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-6021 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact