Vulnerability DatabaseCVE-2024-56171

CVE-2024-56171:
Rocky Linux vulnerability analysis and mitigation

Overview

A use-after-free vulnerability (CVE-2024-56171) was discovered in libxml2, affecting versions before 2.12.10 and 2.13.x before 2.13.6. The vulnerability exists in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions within xmlschemas.c. This security flaw was disclosed on February 18, 2025, and has been assigned a CVSS score of 7.8 (High) (SecurityOnline, NVD).

Technical details

The vulnerability is characterized by a use-after-free condition in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions within the xmlschemas.c file. The CVSS vector string is CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N, indicating local access, high attack complexity, no privileges required, no user interaction, and potential for high confidentiality and integrity impact (NVD).

Impact

The vulnerability can potentially lead to arbitrary code execution when exploited successfully. The impact is particularly significant as libxml2 is a widely used XML parsing library implemented across various platforms including Linux, Windows, macOS, and Unix-based systems (SecurityOnline).

Mitigation and workarounds

Users are strongly advised to update to libxml2 versions 2.12.10 or 2.13.6, which contain fixes for this vulnerability. Major Linux distributions have released security updates to address this issue, including Red Hat Enterprise Linux 9 and Ubuntu (Red Hat, Ubuntu).

Additional resources

Source: This report was generated using AI

Published February 18, 2025

Severity HIGH

CNA Score 7.8

Affected Technologies

Rocky Linux
Alma Linux

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 0.3

Exploitation Probability (EPSS) N/A

Sources

NVD
AlmaLinux Security Advisory
- AlmaLinux 8 Severity HIGHHas FixAdded at: Mar 19, 2025
- AlmaLinux 9 Severity HIGHHas FixAdded at: Mar 16, 2025
Alpine Security Tracker
- Alpine 3.18, 3.19, 3.20, 3.21 Severity HIGHHas FixAdded at: Mar 09, 2025
- Alpine edge Severity HIGHHas FixAdded at: Feb 23, 2025
CBL-Mariner
- CBL-Mariner 2.0 Severity HIGHHas FixAdded at: Mar 02, 2025
- CBL-Mariner 3.0 Severity HIGHHas FixAdded at: May 04, 2025
Container-Optimized OS Release Notes
- Container-Optimized OS Severity HIGHHas FixAdded at: Mar 16, 2025
Debian Security Tracker
- Debian 11, 13 Severity HIGHHas FixAdded at: Feb 19, 2025
- Debian 12 Severity HIGHNo FixAdded at: Feb 19, 2025
Photon Security Advisory
- Photon 4.0, 5.0 Severity HIGHHas FixAdded at: Mar 09, 2025
Red Hat Errata
- Red Hat 6, 7 Severity HIGHNo FixAdded at: Feb 20, 2025
- Red Hat 8 Severity HIGHHas FixAdded at: Feb 20, 2025
- Red Hat 9 Severity HIGHHas FixAdded at: Feb 20, 2025
Rocky Linux Product Errata
- Rocky 8 Severity HIGHHas FixAdded at: May 11, 2025
Ubuntu Security Tracker
- Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04, 24.10 Severity MEDIUMHas FixAdded at: Feb 23, 2025
- Ubuntu 25.04 Severity MEDIUMHas FixAdded at: May 08, 2025