libxml2 security update

🗓️ 04 Oct 2025 00:11:30Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 2 Views

Rocky Linux 9 libxml2 update fixes libxslt heap use-after-free from atype corruption (CVE-2025-7425).

Reporter	Title	Published	Views	Family All 241
IBM Security Bulletins	Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image	16 Sep 202509:57	–	ibm
IBM Security Bulletins	Security Bulletin: Buffer overflow, uncontrolled recursion, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service	29 Sep 202516:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by open source vulnerabilities (CVE-2025-8058 and CVE-2025-7425)	23 Oct 202515:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images	5 Sep 202519:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities discovered in RedHat UBI as shipped with IBM Security Verify Directory Server Container	8 Aug 202517:17	–	ibm
ATTACKERKB	CVE-2025-7425	10 Jul 202513:53	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-1154)	8 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libxml2, --advisory ALAS2-2025-2977 (ALAS-2025-2977)	4 Sep 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0129: libxml2 (ALINUX3-SA-2025:0129)	6 Aug 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libxml2 (ALSA-2025:12447)	2 Aug 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	9	aarch64	libxml2	0:2.9.13-11.el9_6	libxml2-0:2.9.13-11.el9_6.aarch64.rpm
Rocky Linux	9	i686	libxml2	0:2.9.13-11.el9_6	libxml2-0:2.9.13-11.el9_6.i686.rpm
Rocky Linux	9	ppc64le	libxml2	0:2.9.13-11.el9_6	libxml2-0:2.9.13-11.el9_6.ppc64le.rpm
Rocky Linux	9	s390x	libxml2	0:2.9.13-11.el9_6	libxml2-0:2.9.13-11.el9_6.s390x.rpm
Rocky Linux	9	x86_64	libxml2	0:2.9.13-11.el9_6	libxml2-0:2.9.13-11.el9_6.x86_64.rpm
Rocky Linux	9	aarch64	libxml2-debuginfo	0:2.9.13-11.el9_6	libxml2-debuginfo-0:2.9.13-11.el9_6.aarch64.rpm
Rocky Linux	9	ppc64le	libxml2-debuginfo	0:2.9.13-11.el9_6	libxml2-debuginfo-0:2.9.13-11.el9_6.ppc64le.rpm
Rocky Linux	9	s390x	libxml2-debuginfo	0:2.9.13-11.el9_6	libxml2-debuginfo-0:2.9.13-11.el9_6.s390x.rpm
Rocky Linux	9	x86_64	libxml2-debuginfo	0:2.9.13-11.el9_6	libxml2-debuginfo-0:2.9.13-11.el9_6.x86_64.rpm
Rocky Linux	9	aarch64	libxml2-debugsource	0:2.9.13-11.el9_6	libxml2-debugsource-0:2.9.13-11.el9_6.aarch64.rpm

04 Oct 2025 00:11Current

7.1High risk

Vulners AI Score7.1

CVSS 3.17.8

EPSS0.00192

SSVC

libxml2 libxslt CVE-2025-7425 Rocky Linux 9 heap use-after-free