CVE-2025-7424

7.5 HIGH

📋 TL;DR

A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications or corrupt memory during XML transformations. This affects any software using vulnerable libxslt versions for XML processing. The most likely impact is denial of service, but memory corruption could potentially lead to more severe consequences.

💻 Affected Systems

Products:
  • libxslt
  • Applications using libxslt for XML transformations
Versions: libxslt versions before 1.1.39
Operating Systems: Linux, Unix-like systems, Any OS with vulnerable libxslt
Default Config Vulnerable: ⚠️ Yes
Notes: Any application processing untrusted XML/XSLT using libxslt is vulnerable

⚠️ Risk & Real-World Impact

🔴 Worst Case: Memory corruption leading to arbitrary code execution or complete system compromise

🟠 Likely Case: Application crash causing denial of service

🟢 If Mitigated: Limited impact with proper input validation and sandboxing

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires the attacker to control the XML/XSLT input fed to the vulnerable application

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: libxslt 1.1.39 or later

Vendor Advisory: https://access.redhat.com/security/cve/CVE-2025-7424

Restart Required: Yes

Instructions:

1. Check current libxslt version
2. Update to libxslt 1.1.39+ via package manager
3. Restart affected services
4. Recompile applications if statically linked

🔧 Temporary Workarounds

Disable XSLT processing (applies to: all)

  • Disable XML transformation features in applications
  • Configure applications to reject XSLT processing

Input validation (applies to: all)

  • Validate and sanitize all XML/XSLT input
  • Implement strict XML schema validation

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems
  • Deploy WAF with XML/XSLT filtering rules

🔍 How to Verify

Check if Vulnerable:

Check libxslt version: xsltproc --version

Check Version:

xsltproc --version | head -1

Verify Fix Applied:

Verify the version is 1.1.39 or higher. xsltproc reports the linked libxslt as a five-digit number (1.1.39 prints as "libxslt 10139"), so a grep for a dotted version never matches; compare the number instead:

test "$(xsltproc --version 2>&1 | sed -n 's/.*libxslt \([0-9][0-9]*\).*/\1/p' | head -1)" -ge 10139 && echo fixed
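The version check as a reusable script, added here as an example (it is not code from the advisory or from the libxslt project). It assumes xsltproc's usual "Using libxml ..., libxslt NNNNN and libexslt ..." output line, parses the numeric libxslt version from it, and compares it with the fixed release named in this advisory (1.1.39, numeric 10139); the two sample output strings are constructed, and the script also checks the local xsltproc when one is installed.

```shell
#!/bin/sh
# Added example, not taken from the advisory or from the libxslt project.
# xsltproc --version prints the linked libxslt as a five-digit number
# (e.g. "libxslt 10139" for 1.1.39), so this parses that number and compares
# it with the fixed release from the advisory.
FIX_VERSION=10139   # 1.1.39, the fixed release given in this advisory

# Extract the numeric libxslt version from xsltproc --version output on stdin.
libxslt_numeric_version() {
    sed -n 's/.*libxslt \([0-9][0-9]*\).*/\1/p' | head -n 1
}

# Render a numeric version such as 10139 as 1.1.39.
libxslt_pretty() {
    printf '%d.%d.%d\n' "$(($1 / 10000))" "$(($1 / 100 % 100))" "$(($1 % 100))"
}

# Return 0 when the xsltproc --version output in $1 shows a fixed libxslt,
# 1 when it is older or when no version can be parsed (treated as unverified).
libxslt_is_fixed() {
    v=$(printf '%s\n' "$1" | libxslt_numeric_version)
    if [ -n "$v" ] && [ "$v" -ge "$FIX_VERSION" ]; then
        return 0
    fi
    return 1
}

# Constructed sample outputs in the format xsltproc prints (not captured from a real host).
SAMPLE_OLD='Using libxml 20914, libxslt 10134 and libexslt 820'
SAMPLE_NEW='Using libxml 20914, libxslt 10139 and libexslt 820'

# Print a one-line verdict for a given xsltproc --version output.
report() {
    v=$(printf '%s\n' "$1" | libxslt_numeric_version)
    if libxslt_is_fixed "$1"; then
        echo "fixed: libxslt $(libxslt_pretty "$v") (>= $(libxslt_pretty "$FIX_VERSION"))"
    else
        echo "VULNERABLE or unverified: ${v:-no libxslt version found}"
    fi
}

report "$SAMPLE_OLD"
report "$SAMPLE_NEW"

# Check the local installation when xsltproc is present.
if command -v xsltproc >/dev/null 2>&1; then
    report "$(xsltproc --version 2>&1 || true)"
fi
```

The version number only tells you which upstream release is linked; distribution packages that backport the fix may keep an older number, so on such systems confirm the fix through the vendor advisory or package changelog rather than this check alone.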

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults
  • Memory corruption errors in system logs
  • Unexpected process termination

Network Indicators:

  • Unusual XML/XSLT payloads to services
  • Repeated connection attempts with XML data

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "memory corruption" OR "libxslt")
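As an added example (not part of the advisory), the log-side check that the SIEM query above approximates: a filter over kernel segfault records that keeps only crashes whose faulting module is libxslt, so a libxslt crash in any host process (xsltproc, php-fpm, a Python service) stands out from unrelated segfaults. The log lines are constructed; the "segfault at ... in <module>[...]" layout is the Linux kernel's standard message and is assumed to be what the SIEM ingests.

```shell
#!/bin/sh
# Added example, not part of the advisory. Filters Linux kernel segfault
# records down to those where the faulting module is libxslt, which is the
# crash signature a libxslt memory-safety bug leaves behind.

# Constructed sample log lines (syslog-style, not captured from a real host).
SAMPLE_LOG='Jan 10 10:00:01 host kernel: xsltproc[2231]: segfault at 18 ip 00007f1c2a3b4c5d sp 00007ffd1a2b3c40 error 4 in libxslt.so.1.1.34[7f1c2a3a0000+30000]
Jan 10 10:00:02 host sshd[2240]: Accepted publickey for deploy from 10.0.0.5 port 51234 ssh2
Jan 10 10:00:03 host kernel: python3[2255]: segfault at 0 ip 00007f9e11223344 sp 00007ffc55667788 error 6 in libc.so.6[7f9e11100000+1c3000]
Jan 10 10:00:04 host kernel: php-fpm[2260]: segfault at 10 ip 00007f00aabbccdd sp 00007ffe99887766 error 4 in libxslt.so.1.1.34[7f00aab00000+30000]'

# Read log lines on stdin; print "<process> <module>" for every segfault
# whose faulting module is a libxslt shared object.
libxslt_segfaults() {
    sed -n 's/^.*kernel: \([^[]*\)\[[0-9]*\]: segfault at .* in \(libxslt\.so[^[]*\)\[.*$/\1 \2/p'
}

# Number of libxslt segfault records in the log text passed as $1.
count_libxslt_segfaults() {
    printf '%s\n' "$1" | libxslt_segfaults | wc -l | tr -d ' '
}

# Usage: run over the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | libxslt_segfaults
echo "libxslt segfaults: $(count_libxslt_segfaults "$SAMPLE_LOG")"
```

Against a live system the same filter applies to `dmesg` or `journalctl -k` output; a hit names the crashing process, which is the service whose XML/XSLT input path needs attention first.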
