Critical Vulnerability Information

Vulnerability Overview

Type/Severity: Important Security Advisory
Subject: libxml2 Security Update for Red Hat Enterprise Linux 9

Description

The libxml2 library is a development toolkit that provides implementations of various XML standards.

This update addresses the following security issues:

- CVE-2025-49794: libxml: Use-after-free (UAF) leading to Denial of Service (DoS)
- CVE-2025-49796: libxml: Type confusion leading to Denial of Service (DoS)
- CVE-2025-6021: libxml2: Integer overflow in xmlBuildQName() causing stack buffer overflow

Affected Products

- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 9.6 - Extended Update Support 9.6 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
- etc. (see the list of affected products in the screenshot for full details)

Remediation

- BZ-2372373: CVE-2025-49794 libxml: Use-after-free (UAF) leading to Denial of Service (DoS)
- BZ-2372365: CVE-2025-49796 libxml: Type confusion leading to Denial of Service (DoS)
- BZ-2372406: CVE-2025-6021 libxml2: Integer overflow in xmlBuildQName() causing stack buffer overflow

Reference Links

- Red Hat Security Update Classification