You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 7519
About this tag
CVE-2025-7519 is a security vulnerability in polkit's XML policy handler that can be triggered by a crafted .policy file with unusually deep nesting of 32 or more elements. This deep parsing bug produces an out-of-bounds write that can crash polkit's daemon and, in the worst case, might be leveraged toward code execution. Vendors and upstream have issued a targeted patch to bound XML parsing depth. Administrators should treat this as a high-impact local integrity and availability flaw that requires rapid inventory, patching, and operational hardening.
A deep parsing bug in polkit’s XML policy handler can be triggered by a crafted .policy file with unusually deep nesting (32 or more elements), producing an out‑of‑bounds write that can crash polkit’s daemon and — in the worst case — might be leveraged toward code execution; vendors and upstream...