CVE-2025-7519

MEDIUM 6.7

Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write

CVSS Score

6.7

EPSS Score

0.0%

EPSS Percentile

0th

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

CWE	CWE-787
Published	Jul 14, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new medium vulnerabilities are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Red Hat / Red Hat Enterprise Linux 10

All versions affected

Red Hat / Red Hat Enterprise Linux 6

All versions affected

Red Hat / Red Hat Enterprise Linux 7

All versions affected

Red Hat / Red Hat Enterprise Linux 8

All versions affected

Red Hat / Red Hat Enterprise Linux 9

All versions affected

Red Hat / Red Hat OpenShift Container Platform 4

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-7519 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2379675 github.com: https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245 github.com: https://github.com/polkit-org/polkit/pull/570

Credits

Red Hat would like to thank Mohamed Maatallah (Independent security researcher) for reporting this issue.