Not a user yet?
Log in Register for free Suggest a product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-7694-1: libxml2 vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

USN-7694-1: libxml2 vulnerabilities
Publication date: 14 August 2025
Overview: Several security issues were fixed in libxml2.
Releases: 25.04 , 24.04 LTS , 22.04 LTS , 20.04 LTS, 18.04 LTS, 16.04 LTS ,14.04 LTS

Packages

  • libxml2 - GNOME XML library

Details
Ahmed Lekssays discovered that libxml2 did not properly perform certain
mathematical operations, leading to an integer overflow. An attacker
could possibly use this issue to cause a crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2025-6021)

Ahmed Lekssays discovered that libxml2 did not properly validate the size
of an untrusted input stream. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2025-6170)

Nikita Sveshnikov discovered that libxml2 did not properly handle certain
XPath expressions, leading to a use-after-free vulnerability. An attacker
could potentially exploit this issue to cause a denial of service.
(CVE-2025-49794)

Nikita Sveshnikov discovered that libxml2 contained a type confusion
vulnerability when parsing specially crafted XML documents. An attacker
could potentially exploit this issue to cause a denial of service.
(CVE-2025-49796)

Update instructions:
The problem can be corrected by updating your system to the following package versions:

25.04 plucky:

  • libxml2 – 2.12.7+dfsg+really2.9.14-0.4ubuntu0.2
  • python3-libxml2 – 2.12.7+dfsg+really2.9.14-0.4ubuntu0.2
    24.04 noble:
  • libxml2 – 2.9.14+dfsg-1.3ubuntu3.4
  • python3-libxml2 – 2.9.14+dfsg-1.3ubuntu3.4
    22.04 jammy
  • libxml2 – 2.9.13+dfsg-1ubuntu0.8
  • python3-libxml2 – 2.9.13+dfsg-1ubuntu0.8
    20.04 focal
  • libxml2 – 2.9.10+dfsg-5ubuntu0.20.04.10+esm1
  • python3-libxml2 – 2.9.10+dfsg-5ubuntu0.20.04.10+esm1
    18.04 bionic
  • libxml2 – 2.9.4+dfsg1-6.1ubuntu1.9+esm4
  • python-libxml2 – 2.9.4+dfsg1-6.1ubuntu1.9+esm4
  • python3-libxml2 – 2.9.4+dfsg1-6.1ubuntu1.9+esm4
    16.04 xenial
  • libxml2 – 2.9.3+dfsg1-1ubuntu0.7+esm9
  • python-libxml2 – 2.9.3+dfsg1-1ubuntu0.7+esm9
    14.04 trusty
  • libxml2 – 2.9.1+dfsg1-3ubuntu4.13+esm8
  • python-libxml2 – 2.9.1+dfsg1-3ubuntu4.13+esm8
Version: 24.04 LTS Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad