Description

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

INFO

Published Date :

2025-07-14T13:35:21.280Z

Last Modified :

2026-02-26T17:50:41.851Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-7519 vulnerability.

Vendors Products
Redhat
  • Enterprise Linux
  • Openshift
  • Openshift Container Platform
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-7519.

URL Resource
https://access.redhat.com/security/cve/CVE-2025-7519 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2379675 cve-icon cve-icon
https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245 cve-icon cve-icon
https://github.com/polkit-org/polkit/pull/570 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-7519 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-7519 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact