libsoup Out-of-Bounds Read Vulnerability in Multipart Message Handling

Vulnerability

A vulnerability allowing an out-of-bounds read has been identified in libsoup, specifically in the function 'soup_multipart_new_from_message()'. This flaw can be exploited by a malicious HTTP client to induce the libsoup server to read memory outside of the intended bounds, potentially leading to a crash or abnormal termination of the process.

Impact

Exploitation of this vulnerability causes a crash or termination of the affected process.

Remediation

This vulnerability has been addressed in libsoup updates for Red Hat Enterprise Linux 8.2, 8.6, 9.0, 9.2, 9.4, and 10. Instructions for applying these updates are available on the Red Hat Customer Portal.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.3
impact: 2.5
exploitability: 7.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.