Bug 2435454 (CVE-2026-25210)
| Summary: | CVE-2026-25210 libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | crizzo, gtanzill, jbuscemi, jmitchel, kaycoth, kshier, pbohmill, stcannon, teagle, yguenane |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in libexpat. A local attacker could exploit an integer overflow vulnerability in the doContent function. This flaw occurs because the buffer size is not properly determined during tag buffer reallocation, which can lead to memory corruption. Successful exploitation may result in information disclosure and data integrity issues.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2026-01-30 08:01:12 UTC
|