VDB
RHSA-2025%3A3569
RHSA-2025%3A3569
PUBLISHED
CVSS 8.100000381469727 HIGH
A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x |
| Red Hat | openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le, openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le, openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le |
| Red Hat | openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x, openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x, openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x |
| Red Hat | openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64, openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64 |
| Red Hat | openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64, openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64, openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64 |
| Red Hat | openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le, openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le, * |
| Red Hat | openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64, openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64, openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64 |
| Red Hat | openshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64, openshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64 |
| Red Hat | openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64, openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64, openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64 |
| Red Hat | openshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le, openshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le, * |
| Red Hat | openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64, openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64, openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64 |
| Red Hat | openshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x, openshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x, * |
| Red Hat | openshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64, *, openshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64 |
| Red Hat | openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64, openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64, openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64 |
| Red Hat | openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64, openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64, openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64 |
| Red Hat | openshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64 |
| Red Hat | openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x, openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x, openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x |
| Red Hat | openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64, openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64, openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64 |
| Red Hat | openshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x, *, openshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x |
| Red Hat | openshift4/ose-cluster-ingress-operator@sha256:3e825f5ec48ebe5377df618d59408ce824c6ecd7a8c8ff6cefbf4cec3adea8fe_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, *, * |
…and 1346 more
Timeline
- Apr 9, 2025 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- May 16, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:3569 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2346416 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2346421 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2354195 issue
- https://issues.redhat.com/browse/OCPBUGS-45559 advisory
- https://issues.redhat.com/browse/OCPBUGS-51118 advisory
- https://issues.redhat.com/browse/OCPBUGS-52500 advisory
- https://issues.redhat.com/browse/OCPBUGS-52996 advisory
- https://issues.redhat.com/browse/OCPBUGS-53314 advisory
- https://issues.redhat.com/browse/OCPBUGS-54167 advisory
- https://issues.redhat.com/browse/OCPBUGS-54260 advisory
- https://issues.redhat.com/browse/OCPBUGS-54404 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3569.json advisory
- https://access.redhat.com/security/cve/CVE-2024-56171 advisory
- https://www.cve.org/CVERecord?id=CVE-2024-56171 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-56171 advisory
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 advisory
- https://access.redhat.com/security/cve/CVE-2025-24928 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-24928 advisory
…and 9 more