关键漏洞信息 漏洞概述 类型/严重性: 安全公告 - 重要 主题: libxml2 安全更新 描述: libxml2 库是一个提供各种 XML 标准实现的开发工具箱。此次更新修复了以下安全问题: - libxslt: 堆使用后释放(CVE-2025-7425) 影响的产品 Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x 修复措施 BZ - 2379274: CVE-2025-7425 libxslt: 堆使用后释放,由 xmlAttrPtr 中的 atype 腐败引起 CVE 编号 CVE-2025-7425 参考链接 https://access.redhat.com/security/updates/classification/#important