Security update for libxml2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0976-1 Final 1 1 2025-03-21T08:25:09Z current 2025-03-21T08:25:09Z 2025-03-21T08:25:09Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libxml2 This update for libxml2 fixes the following issues: - CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363). - CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370). - CVE-2025-27113: Fixed NULL Pointer Dereference in libxml2 xmlPatMatch (bsc#1237418). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle15.3/bci-base:latest-2025-976,Container suse/sle-micro-rancher/5.2:latest-2025-976,Container suse/sle-micro/5.1/toolbox:latest-2025-976,Container suse/sle-micro/5.2/toolbox:latest-2025-976,SUSE-2025-976,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-976,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-976,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-976,SUSE-SUSE-MicroOS-5.1-2025-976,SUSE-SUSE-MicroOS-5.2-2025-976,SUSE-Storage-7.1-2025-976,openSUSE-SLE-15.6-2025-976 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250976-1/ Link for SUSE-SU-2025:0976-1 https://lists.suse.com/pipermail/sle-security-updates/2025-March/020569.html E-Mail link for SUSE-SU-2025:0976-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1237363 SUSE Bug 1237363 https://bugzilla.suse.com/1237370 SUSE Bug 1237370 https://bugzilla.suse.com/1237418 SUSE Bug 1237418 https://www.suse.com/security/cve/CVE-2024-56171/ SUSE CVE CVE-2024-56171 page https://www.suse.com/security/cve/CVE-2025-24928/ SUSE CVE CVE-2025-24928 page https://www.suse.com/security/cve/CVE-2025-27113/ SUSE CVE CVE-2025-27113 page Container suse/ltss/sle15.3/bci-base:latest Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.1/toolbox:latest Container suse/sle-micro/5.2/toolbox:latest SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 openSUSE Leap 15.6 libxml2-2-2.9.7-150000.3.76.1 libxml2-2-32bit-2.9.7-150000.3.76.1 libxml2-2-64bit-2.9.7-150000.3.76.1 libxml2-devel-2.9.7-150000.3.76.1 libxml2-devel-32bit-2.9.7-150000.3.76.1 libxml2-devel-64bit-2.9.7-150000.3.76.1 libxml2-doc-2.9.7-150000.3.76.1 libxml2-tools-2.9.7-150000.3.76.1 python2-libxml2-python-2.9.7-150000.3.76.1 python3-libxml2-python-2.9.7-150000.3.76.1 libxml2-2-2.9.7-150000.3.76.1 as a component of Container suse/ltss/sle15.3/bci-base:latest libxml2-2-2.9.7-150000.3.76.1 as a component of Container suse/sle-micro-rancher/5.2:latest libxml2-2-2.9.7-150000.3.76.1 as a component of Container suse/sle-micro/5.1/toolbox:latest libxml2-2-2.9.7-150000.3.76.1 as a component of Container suse/sle-micro/5.2/toolbox:latest libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Enterprise Storage 7.1 libxml2-2-32bit-2.9.7-150000.3.76.1 as a component of SUSE Enterprise Storage 7.1 libxml2-devel-2.9.7-150000.3.76.1 as a component of SUSE Enterprise Storage 7.1 libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Enterprise Storage 7.1 python3-libxml2-python-2.9.7-150000.3.76.1 as a component of SUSE Enterprise Storage 7.1 libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libxml2-2-32bit-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libxml2-devel-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS python3-libxml2-python-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Micro 5.1 libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Micro 5.1 libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Micro 5.2 libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Micro 5.2 python3-libxml2-python-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Micro 5.2 libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libxml2-2-32bit-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libxml2-devel-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS python3-libxml2-python-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libxml2-2-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libxml2-2-32bit-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libxml2-devel-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libxml2-tools-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 python3-libxml2-python-2.9.7-150000.3.76.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 python3-libxml2-python-2.9.7-150000.3.76.1 as a component of openSUSE Leap 15.6 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. CVE-2024-56171 Container suse/ltss/sle15.3/bci-base:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro-rancher/5.2:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.1/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.2/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.76.1 openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.76.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250976-1/ https://www.suse.com/security/cve/CVE-2024-56171.html CVE-2024-56171 https://bugzilla.suse.com/1237363 SUSE Bug 1237363 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. CVE-2025-24928 Container suse/ltss/sle15.3/bci-base:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro-rancher/5.2:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.1/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.2/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.76.1 openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.76.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250976-1/ https://www.suse.com/security/cve/CVE-2025-24928.html CVE-2025-24928 https://bugzilla.suse.com/1237370 SUSE Bug 1237370 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CVE-2025-27113 Container suse/ltss/sle15.3/bci-base:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro-rancher/5.2:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.1/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 Container suse/sle-micro/5.2/toolbox:latest:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.76.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.76.1 openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.76.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250976-1/ https://www.suse.com/security/cve/CVE-2025-27113.html CVE-2025-27113 https://bugzilla.suse.com/1237418 SUSE Bug 1237418