SUSE CVE-2025-49796

🗓️ 14 Jun 2025 02:54:41Reported by Suse CVEType

SUSE libxml2 memory corruption from sch name element in XML input; attacker can crash the library and cause denial of service.

Reporter	Title	Published	Views	Family All 284
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	18 Dec 202501:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in libxml2 affect AIX/VIOS	17 Jul 202516:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	3 Mar 202600:44	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to a use-after-free vulnerability due to the libxml2 package (CVE-2025-49794)	2 Sep 202514:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	7 Aug 202508:11	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities due to libxml2, python3, pam and glibc packages shipped with IBM CICS TX Advanced.	12 Aug 202511:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak	20 Oct 202522:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watsonx BI is affected by a vulnerability found in libxml2	23 Sep 202521:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2025-49795, CVE-2025-49794 and CVE-2025-49796)	3 Sep 202507:53	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libxml2 library (CVE-2025-6021, CVE-2025-49794, CVE-2025-49796) affect Power HMC.	9 Sep 202513:52	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Leap	15.6	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Micro	5.5	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Enterprise Desktop	15.6	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.5	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.6	any	libxml2-2	2.10.3-150500.5.29.1	libxml2-2-2.10.3-150500.5.29.1.noarch.rpm
SUSE Linux Micro	6.0	any	libxml2-2	2.11.6-10.1	libxml2-2-2.11.6-10.1.noarch.rpm
SUSE Linux Micro	6.1	any	libxml2-2	2.11.6-slfo.1.1_6.1	libxml2-2-2.11.6-slfo.1.1_6.1.noarch.rpm
SUSE Linux Enterprise Desktop	15.7	any	libxml2-2	2.12.10-150700.4.3.1	libxml2-2-2.12.10-150700.4.3.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2025-49796
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1244557
lists	www.lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001780.html
lists	www.lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001783.html
lists	www.lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001864.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-July/040658.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-July/040677.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-July/040694.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2025-July/021818.html

26 Jun 2026 02:32Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.18.2

EPSS0.01437