关键漏洞信息 公告编号: RHSA-2025:7512 发布日期: 2025-05-13 更新日期: 2025-05-13 类型/严重性: 安全通告 - 中等 主题: expat 安全更新 描述: 更新了用于解析 XML 文档的 C 库 expat,修复了以下安全问题: - CVE-2024-8176: libexpat: expat 对 XML 实体扩展深度的不当限制 受影响的产品: - Red Hat Enterprise Linux for x86_64 10 x86_64 - Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 - Red Hat Enterprise Linux for IBM z Systems 10 s390x - Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x - Red Hat Enterprise Linux for Power, little endian 10 ppc64le - Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le - Red Hat Enterprise Linux for ARM 64 10 aarch64 - Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 - Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 - Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x - Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le - Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 修复措施: - BZ - 2310137: CVE-2024-8176 libexpat: expat 对 XML 实体扩展深度的不当限制 CVE 编号: CVE-2024-8176 参考链接: https://access.redhat.com/security/updates/classification/#moderate