CVE-2025-49794
EUVD-2025-1841216.06.2025, 16:15
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | RUGGEDCOM ROX MX5000 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX MX5000RE | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1400 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1500 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1501 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1510 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1511 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1512 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1524 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX1536 | 𝑥 < V2.17.1 | ADP |
| Siemens | RUGGEDCOM ROX RX5000 | 𝑥 < V2.17.1 | ADP |
Debian Releases
Debian Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2-2 |
| ||||||||||||||||||||||||
| libxml2-2-32bit |
| ||||||||||||||||||||||||
| libxml2-devel |
| ||||||||||||||||||||||||
| libxml2-doc |
| ||||||||||||||||||||||||
| libxml2-tools |
| ||||||||||||||||||||||||
| python-libxml2 |
| ||||||||||||||||||||||||
| python2-libxml2-python |
| ||||||||||||||||||||||||
| python3-libxml2 |
| ||||||||||||||||||||||||
| python3-libxml2-python |
| ||||||||||||||||||||||||
| python311-libxml2 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2 |
| ||||||||||||||||||
| libxml2-devel |
| ||||||||||||||||||
| python3-libxml2 |
|
Common Weakness Enumeration
References