Primary

Context

libsoup NULL Pointer Dereference Vulnerability in the MP4 Sniffer Function

Vulnerability

A NULL pointer dereference vulnerability has been identified in libsoup's SoupContentSniffer component, prior to version 3.6.2. The issue arises in the sniff_mp4 function, where a malicious HTTP server can cause the libsoup client to crash.

Impact

Exploitation of this vulnerability leads to a crash of the libsoup client, causing a denial-of-service condition.

Remediation

This vulnerability has been addressed in Red Hat Enterprise Linux 8. Users can apply the update through the Red Hat Enterprise Linux 8 Update mechanism.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

6.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

6.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libsoup NULL Pointer Dereference Vulnerability in the MP4 Sniffer Function

Vulnerability

Impact

Remediation

Affected Products

libsoup

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating