CVE-2025-10911: Expired Pointer Dereference
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
AI Analysis
Technical Summary
CVE-2025-10911 is a use-after-free vulnerability identified in the libxslt library component of Red Hat Enterprise Linux 10. The vulnerability arises during the parsing of XSL nodes, where the software erroneously dereferences pointers that have already been freed (expired pointers). This flaw can cause the application to crash due to invalid memory access. The vulnerability is classified with a CVSS 3.1 base score of 5.5 (medium severity), reflecting a scenario where the attack vector is local (AV:L), attack complexity is low (AC:L), no privileges are required (PR:N), but user interaction is necessary (UI:R). The scope remains unchanged (S:U), and the impact affects availability only (A:H) without compromising confidentiality or integrity. No known exploits are currently reported in the wild, and no patches or fixes have been explicitly linked yet. The vulnerability could be triggered by a local user who can supply crafted XSL content to the libxslt parser, potentially causing denial of service through application crashes. Since libxslt is commonly used for XML transformations, any service or application relying on this library within Red Hat Enterprise Linux 10 environments could be affected. The lack of confidentiality or integrity impact reduces the risk of data breaches but does not eliminate the risk of service disruption.
Potential Impact
For European organizations running Red Hat Enterprise Linux 10, this vulnerability primarily poses a risk of denial of service (DoS) due to application crashes when processing maliciously crafted XSL files. This could affect services that rely on XML transformations, such as web services, middleware, or automated data processing pipelines. The impact is particularly relevant for sectors with critical uptime requirements, including finance, healthcare, telecommunications, and government services. While the vulnerability does not allow for privilege escalation or data compromise, repeated exploitation could degrade service availability, leading to operational disruptions and potential financial losses. Additionally, if attackers combine this DoS vector with other vulnerabilities, it could facilitate more complex attack chains. Given the local attack vector and requirement for user interaction, the threat is somewhat limited to insider threats or scenarios where users can be tricked into processing malicious XSL content.
Mitigation Recommendations
European organizations should implement several targeted mitigation strategies beyond generic patching advice:
- Restrict access to systems running Red Hat Enterprise Linux 10 to trusted users only, minimizing the risk of local exploitation.
- Implement strict input validation and sanitization for any XML or XSL content processed by applications using libxslt, rejecting or sandboxing untrusted or user-supplied XSL files.
- Monitor application logs and system behavior for crashes or abnormal terminations related to XML processing.
- Employ application whitelisting and privilege separation to limit the impact of potential crashes.
- Follow Red Hat security advisories and apply patches promptly once available.
- Consider deploying runtime protection tools that can detect and prevent use-after-free conditions or memory corruption in critical applications.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Belgium, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-09-24T12:45:24.913Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68d59bc858afd90a7d662e29
Added to database: 9/25/2025, 7:45:12 PM
Last enriched: 9/25/2025, 7:45:39 PM
Last updated: 9/25/2025, 9:49:59 PM