Bug 2392605 (CVE-2025-9714) - CVE-2025-9714 libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
Summary: CVE-2025-9714 libxslt: libxml2: Infinite recursion at exsltDynMapFunction fu...
Keywords:
Status: NEW
Alias: CVE-2025-9714
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2392608 2392609
Blocks:
Reported: 2025-09-02 13:26 UTC by OSIDB Bzimport
Modified: 2025-09-02 17:34 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-09-02 13:26:06 UTC
A critical stack overflow vulnerability was discovered in the libxslt library when handling the dyn:map() function from the EXSLT extension. The vulnerability allows an attacker to cause a denial of service (DoS) via a specially crafted XSLT document containing the recursive dyn:map(., .) call.

The main reason for the vulnerability is that the exsltDynMapFunction function in libexslt/dynamic.c doesn’t contain a recursion depth check. When handling dyn:map(., .) where the second parameter contains a recursive call to the same function, infinite recursion occurs until the program stack is exhausted.
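
Added example, not part of the report above and not libxslt code: a toy evaluator in C showing the kind of recursion depth check the description says is missing. The grammar (`map(.)`), `eval_ctx`, `toy_map`, `run` and the `MAX_DEPTH` value are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_DEPTH 64   /* assumed limit for this example, not libxslt's value */

/* Toy context (hypothetical): node_text stands in for the string value of
 * the context node, depth counts nested dynamic evaluations. */
typedef struct {
    const char *node_text;
    int depth;
    int error;    /* 1 once the depth limit was hit */
    long evals;   /* expressions evaluated so far */
} eval_ctx;

static int eval_expr(eval_ctx *ctx, const char *expr);

/* Toy map(.): evaluate the context node's text as an expression.
 * The guard at the top is the check whose absence the report describes. */
static int toy_map(eval_ctx *ctx)
{
    if (ctx->depth >= MAX_DEPTH) {
        ctx->error = 1;          /* fail the evaluation instead of recursing */
        return -1;
    }
    ctx->depth++;
    int rc = eval_expr(ctx, ctx->node_text);
    ctx->depth--;                /* restore on every return path */
    return rc;
}

static int eval_expr(eval_ctx *ctx, const char *expr)
{
    ctx->evals++;
    if (strcmp(expr, "map(.)") == 0)
        return toy_map(ctx);     /* dynamic evaluation re-enters the evaluator */
    return 0;                    /* anything else is a leaf in this toy grammar */
}

/* Evaluate the top-level expression "map(.)" against one constructed node. */
eval_ctx run(const char *node_text)
{
    eval_ctx ctx = { node_text, 0, 0, 0 };
    eval_expr(&ctx, "map(.)");
    return ctx;
}

int main(void)
{
    eval_ctx r = run("map(.)");  /* constructed self-referential input */
    printf("error=%d evals=%ld depth=%d\n", r.error, r.evals, r.depth);
    return 0;
}
```

With the guard in place the self-referential input ends in a bounded error after `MAX_DEPTH` nested evaluations, and ordinary input is unaffected.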

