CVE-2024-8176
Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
| CWE | CWE-674 |
| Published | Mar 14, 2025 |
| Last Updated | Mar 20, 2026 |
Stay Ahead of the Next One
Get instant alerts for
Be the first to know when new high vulnerabilities are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
All versions affected Red Hat / Red Hat Enterprise Linux 8.4 Telecommunications Update Service
All versions affected Red Hat / Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 8.8 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service
All versions affected Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected Red Hat / Red Hat JBoss Core Services 2.4.62.SP1
All versions affected Red Hat / DevWorkspace Operator 0.33
All versions affected Red Hat / Red Hat Discovery 1.14
All versions affected Red Hat / Red Hat Discovery 1.14
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected References
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:13681 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22033 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22034 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22035 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22607 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22785 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22842 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:22871 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3531 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3734 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3913 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:4048 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:4446 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:4447 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:4448 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:4449 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:7444 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:7512 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:8385 access.redhat.com: https://access.redhat.com/security/cve/CVE-2024-8176 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2310137 github.com: https://github.com/libexpat/libexpat/issues/893 github.com: https://github.com/libexpat/libexpat/pull/973 openwall.com: http://www.openwall.com/lists/oss-security/2025/03/15/1 blog.hartwork.org: https://blog.hartwork.org/posts/expat-2-7-0-released/ github.com: https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52 bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=1239618 ubuntu.com: https://ubuntu.com/security/CVE-2024-8176 security-tracker.debian.org: https://security-tracker.debian.org/tracker/CVE-2024-8176 gitlab.alpinelinux.org: https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53 security.netapp.com: https://security.netapp.com/advisory/ntap-20250328-0009/ kb.cert.org: https://www.kb.cert.org/vuls/id/760160 seclists.org: http://seclists.org/fulldisclosure/2025/May/12 seclists.org: http://seclists.org/fulldisclosure/2025/May/11 seclists.org: http://seclists.org/fulldisclosure/2025/May/10 seclists.org: http://seclists.org/fulldisclosure/2025/May/8 seclists.org: http://seclists.org/fulldisclosure/2025/May/7 seclists.org: http://seclists.org/fulldisclosure/2025/May/6 openwall.com: http://www.openwall.com/lists/oss-security/2025/09/24/11
Credits
This issue was discovered by Jann Horn (Google Project Zero), Sandipan Roy (Red Hat), Sebastian Pipping (libexpat), and Tomas Korbar (Red Hat).