Memory Type Confusion Vulnerability in libxslt Library by Red Hat
CVE-2025-7424

7.5HIGH

Key Information:

Vendor: Gnome
Status: Libxslt; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7
Vendor: CVE Published:; 10 July 2025

What is CVE-2025-7424?

A vulnerability exists in the libxslt library due to improper handling of memory fields during XML transformations, specifically through the simultaneous use of the psvi memory field for both stylesheet and input data. This situation may lead to type confusion, which can result in significant application instability, possibly allowing attackers to crash the application or corrupt its memory. When exploited, it may cause denial of service or trigger unpredictable behavior, posing a risk to the reliability and security of systems relying on this library.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

libxslt 0 < 1.1.44

References

https://access.redhat.com/security/cve/CVE-2025-7424

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2379228

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Jul 10, 2025

Credit

Red Hat would like to thank Ivan Fratric (Google Project Zero) for reporting this issue.

JSON

Gnome

What is CVE-2025-7424?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.