What is the CVSS score of EUVD-2025-18175?

EUVD-2025-18175 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.8%.

Is there a public PoC exploit available for EUVD-2025-18175?

Yes, a public proof-of-concept exploit is available for EUVD-2025-18175. Prioritise patching immediately. EPSS: 0.8%.

How to fix or mitigate EUVD-2025-18175?

Within 24 hours: inventory all systems running libxml2, OpenShift Container Platform 4.12-4.19, RHEL 7-10, or JBoss Core Services; prioritize production and customer-facing infrastructure. Within 7 days: apply Red Hat security patches to all affected RHEL versions and OpenShift clusters (request exact patch versions from Red Hat advisory RHSA listing CVE-2025-6021). Within 30 days: complete patching of all remaining systems including development/test environments and validate XML input filtering controls are in place.

EUVD-2025-18175

| CVE-2025-6021 HIGH

Integer Overflow or Wraparound (CWE-190)

2025-06-12 secalert@redhat.com

Buffer Overflow Denial Of Service Integer Overflow

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 19, 2026 - 20:32 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 19, 2026 - 20:22 vuln.today

cvss_changed

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

PoC Detected

Mar 24, 2026 - 12:16 vuln.today

Public exploit code

EUVD ID Assigned

Mar 14, 2026 - 21:20 euvd

EUVD-2025-18175

Analysis Generated

Mar 14, 2026 - 21:20 vuln.today

CVE Published

Jun 12, 2025 - 13:15 nvd

HIGH 7.5

DescriptionNVD

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

AnalysisAI

Stack-based buffer overflow in libxml2's xmlBuildQName function allows remote unauthenticated attackers to crash affected systems via crafted XML input. The vulnerability affects libxml2 directly and downstream Red Hat products including OpenShift Container Platform 4.12-4.19, RHEL 7-10, and JBoss Core Services. With CVSS 7.5 (AV:N/AC:L/PR:N/UI:N), EPSS 0.75% (73rd percentile), and publicly available exploit code, this represents a moderate real-world risk focused on availability disruption rather than code execution or data compromise.

Technical ContextAI

Libxml2 is a widely-deployed XML parsing library used across Linux distributions and enterprise platforms. The xmlBuildQName function performs qualified name construction during XML processing, combining namespace prefixes and local names into QNames. CWE-190 (integer overflow) occurs when buffer size calculations overflow, causing the function to allocate insufficient stack space. Subsequent operations write beyond the allocated buffer, corrupting stack memory. The vulnerability affects the core libxml2 library (cpe:2.3:a:xmlsoft:libxml2) and propagates to all downstream consumers including Red Hat Enterprise Linux 7/8/9/10, OpenShift Container Platform across multiple major versions (4.12-4.18), and specialized variants like Telecommunications Update Service and Extended Lifecycle Support editions. Ubuntu and Debian have also confirmed impact across multiple releases.

RemediationAI

Apply vendor-released patches immediately for internet-facing systems processing untrusted XML. For Red Hat Enterprise Linux, upgrade libxml2 to fixed versions: RHEL 7 to 0:2.9.1-6.el7_9.10, RHEL 8 to 0:2.9.7-21.el8_10.1 (or version-specific patches per support tier), RHEL 9 to 0:2.9.13-10.el9_6, RHEL 10 to 0:2.12.5-7.el10_0. OpenShift Container Platform administrators should apply platform-specific updates via Red Hat Security Advisories RHSA-2025:12237 through RHSA-2025:13325 matching their cluster version. Ubuntu users should install updates from USN-7694-1, Debian users from DLA-4251-1. If patching cannot be completed immediately, implement compensating controls: restrict XML processing endpoints to authenticated users only (reduces attack surface from AV:N to trusted networks), deploy XML input validation and size limits before libxml2 parsing (blocks oversized crafted inputs but adds processing overhead and may break legitimate large documents), enable application-level request throttling to limit DoS impact (does not prevent exploitation but contains blast radius), and monitor for abnormal process crashes in XML-consuming services. Note that input validation is bypass-prone against novel integer overflow vectors and should be considered temporary mitigation only.

Vendor StatusVendor

Ubuntu

Priority: Medium

libxml2

Release	Status	Version
bionic	released	2.9.4+dfsg1-6.1ubuntu1.9+esm4
focal	released	2.9.10+dfsg-5ubuntu0.20.04.10+esm1
jammy	released	2.9.13+dfsg-1ubuntu0.8
noble	released	2.9.14+dfsg-1.3ubuntu3.4
plucky	released	2.12.7+dfsg+really2.9.14-0.4ubuntu0.2
trusty	released	2.9.1+dfsg1-3ubuntu4.13+esm8
upstream	released	-
xenial	released	2.9.3+dfsg1-1ubuntu0.7+esm9
oracular	ignored	end of life, was needs-triage

USN-7694-1

Debian

Bug #1107720

libxml2

Release	Status	Fixed Version	Urgency
bullseye	fixed	2.9.10+dfsg-6.7+deb11u8	-
bullseye (security)	fixed	2.9.10+dfsg-6.7+deb11u9	-
bookworm	fixed	2.9.14+dfsg-1.3~deb12u3	-
bookworm (security)	fixed	2.9.14+dfsg-1.3~deb12u4	-
trixie	fixed	2.12.7+dfsg+really2.9.14-2.1+deb13u2	-
trixie (security)	fixed	2.12.7+dfsg+really2.9.14-2.1+deb13u1	-
forky, sid	fixed	2.15.1+dfsg-2	-
(unstable)	fixed	2.12.7+dfsg+really2.9.14-2	-

DLA-4251-1

EUVD-2025-18175 vulnerability details – vuln.today

Back

EUVD-2025-18175

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Vendor StatusVendor

Ubuntu

Debian

Share

External POC / Exploit Code