APAR status
Closed as program error.
Error description
Vulnerabilities in libxml2 could allow a use-after-free (CVE-2024-56171), a NULL pointer dereference (CVE-2025-27113), a buffer overflow (CVE-2025-24928), or a heap-based buffer under-read (CVE-2025-32415). AIX uses libxml2 as part of its XML parsing functions.
Local fix
Problem summary
This APAR addresses the security issue described in: https://aix.software.ibm.com/aix/efixes/security/libxml2_advisor y8.asc
Problem conclusion
Removed security issue.
Temporary fix
Comments
APAR Information
APAR number
IJ54679
Reported component name
AIX V7.2
Reported component ID
5765CD200
Reported release
720
Status
CLOSED PER
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2025-05-12
Closed date
2025-05-12
Last modified date
2025-08-14
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
AIX V7.2
Fixed component ID
5765CD200
Applicable component levels
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SG11S","label":"AIX 7.2 HIPERS- APARs and Fixes"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"720","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Document Information
Modified date:
15 August 2025