CVE-2025-7519 — MEDIUM (6.7)

Vulnerability Description

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Redhat	Openshift Container Platform	4.0
Redhat	Enterprise Linux	6.0

Related Weaknesses (CWE)

CWE-787

References

https://access.redhat.com/security/cve/CVE-2025-7519Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2379675Issue Tracking
https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1Patch
https://github.com/polkit-org/polkit/pull/570Patch

FAQ

What is CVE-2025-7519?

CVE-2025-7519 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior...

How severe is CVE-2025-7519?

CVE-2025-7519 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-7519?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Openshift Container Platform, Redhat Enterprise Linux.