CVE-2025-27113
Published: 18 February 2025
Summary
CVE-2025-27113 is a low-severity NULL Pointer Dereference (CWE-476) vulnerability in Xmlsoft Libxml2. Its CVSS base score is 2.9 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked at the 26.2nd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-27113 is a NULL pointer dereference vulnerability in the xmlPatMatch function within pattern.c of the libxml2 library. It affects libxml2 versions before 2.12.10 as well as 2.13.x versions before 2.13.6. The vulnerability, classified under CWE-476, was published on 2025-02-18 and carries a CVSS v3.1 base score of 2.9.
A local attacker (AV:L) with no privileges (PR:N) and no user interaction (UI:N) required can exploit this issue through a high-complexity attack (AC:H) within unchanged scope (S:U). Successful exploitation results in limited availability impact (A:L) via a crash or denial of service, with no impact on confidentiality or integrity (C:N/I:N).
Advisories recommend upgrading to libxml2 2.12.10 or later for the 2.12 series, or 2.13.6 or later for the 2.13 series to mitigate the issue. Further technical details are documented in the libxml2 GitLab issue at https://gitlab.gnome.org/GNOME/libxml2/-/issues/861, along with full disclosure reports at http://seclists.org/fulldisclosure/2025/Apr/10, http://seclists.org/fulldisclosure/2025/Apr/11, http://seclists.org/fulldisclosure/2025/Apr/12, and http://seclists.org/fulldisclosure/2025/Apr/13.
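As an added example (not part of the advisory or the libxml2 project), the following script encodes the two affected ranges stated above so that an inventory of installed libxml2 versions can be screened for remediation; the inventory format and host names are constructed for the example.

```python
"""Version check for CVE-2025-27113: libxml2 < 2.12.10, or 2.13.x < 2.13.6."""
import re

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch) from e.g. '2.13.5' or '2.12.7-3ubuntu1'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised libxml2 version: {text!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version):
    """True if the upstream version lies in one of the two affected ranges.
    Caveat: distros often backport the fix without bumping the upstream version,
    so True means 'check the package changelog', not 'confirmed vulnerable'."""
    v = parse_version(version)
    if v < (2, 12, 10):                 # 2.12.9 and every earlier series
        return True
    if (2, 13, 0) <= v < (2, 13, 6):    # 2.13.0 .. 2.13.5
        return True
    return False                        # 2.12.10+, 2.13.6+, 2.14 and later

# Constructed inventory lines, '<host> libxml2 <version>', standing in for the
# output of a software-inventory tool.
SAMPLE_INVENTORY = """\
web01 libxml2 2.13.5
web02 libxml2 2.13.6
db01 libxml2 2.12.9
db02 libxml2 2.12.10
build01 libxml2 2.14.0
legacy01 libxml2 2.9.14
"""

def assess_inventory(text):
    """Map each host in the inventory to whether its libxml2 version is in range."""
    result = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[1] == "libxml2":
            result[parts[0]] = is_affected(parts[2])
    return result

if __name__ == "__main__":
    for host, hit in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {'AFFECTED' if hit else 'ok'}")
```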
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-4763
Vulnerability details
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
- CWE(s): CWE-476 (NULL Pointer Dereference)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
NULL pointer dereference in libxml2 causes crash/DoS, directly mapping to application exploitation for endpoint denial of service (T1499.004).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely identification, reporting, and correction of flaws such as the NULL pointer dereference in libxml2's xmlPatMatch function, by patching to version 2.12.10 or 2.13.6.
- RA-5 (Vulnerability Monitoring and Scanning): vulnerability scanning detects systems running libxml2 versions affected by CVE-2025-27113.
- Ensures receipt of security advisories documenting CVE-2025-27113, enabling awareness and initiation of flaw remediation.