Sign In

CVE-2025-7519

ADVISORY - nist

Summary

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

EPSS Score: 0.00034 (0.105)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-787

Out-of-bounds Write

ADVISORY - redhat

CWE-787

Out-of-bounds Write

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2025-7519
EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-787

CVSS SCORE

6.7medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2025-7519
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2025-7519
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2025-3024
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

UPDATED

ADVISORY IDALAS2023-2025-1217
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2025-7519
EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-787

CVSS SCORE

6.7medium

Photon

CREATED

UPDATED

ADVISORY ID

CVE-2025-7519

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.7medium