CVE-2025-7519

CVE-2025-7519CVE-2025-7519

redhat / openshift_container_platform

Description

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

Scoring

CVSS 6.7 ()
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Last modified2026-06-25
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.