Libsoup Integer Underflow Vulnerability in Multipart Message Processing Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the libsoup HTTP library, commonly used in GNOME applications, due to an integer underflow in the multipart message parser. This flaw occurs in the 'soup_multipart_new_from_message()' function, where improper validation of specially crafted multipart messages can lead to invalid memory access, causing applications or services that rely on libsoup to crash or exit unexpectedly. The vulnerability can be exploited remotely without authentication or user interaction, disrupting the availability of the affected application or service.
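As an added illustration that is not libsoup's code, the hypothetical C routine below shows the arithmetic pattern behind this class of bug: a part length computed by subtracting offsets on unsigned values wraps to a huge number when a crafted message places the boundary before the header terminator, and a compare-before-subtract check rejects such input instead. The function names (part_content_length, find_seq) and both sample messages are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample part: a header line, the blank line that ends the
 * headers, the content "hello", CRLF, then the closing boundary. */
static const char SAMPLE_OK[] =
    "Content-Disposition: form-data; name=\"f\"\r\n"
    "\r\n"
    "hello\r\n"
    "--boundary--\r\n";

/* Constructed malformed part: the boundary precedes the header terminator,
 * so the boundary offset is smaller than the content start offset. */
static const char SAMPLE_BAD[] =
    "--boundary--\r\n"
    "Content-Disposition: form-data; name=\"f\"\r\n\r\n";

/* Offset of the first occurrence of needle in hay, or -1 if absent. */
static long find_seq(const char *hay, size_t hay_len,
                     const char *needle, size_t needle_len)
{
    if (needle_len == 0 || hay_len < needle_len) return -1;
    for (size_t i = 0; i + needle_len <= hay_len; i++)
        if (memcmp(hay + i, needle, needle_len) == 0) return (long)i;
    return -1;
}

/* Hypothetical part-length routine (not libsoup's code). Returns the number
 * of content bytes between the header terminator and the CRLF preceding the
 * boundary, or -1 for a malformed layout. The unsafe form of this step is
 *     len = boundary_pos - content_start - 2;   (all size_t)
 * which wraps to a huge length whenever boundary_pos < content_start + 2. */
long part_content_length(const char *part, size_t part_len, const char *boundary)
{
    long hdr = find_seq(part, part_len, "\r\n\r\n", 4);
    if (hdr < 0) return -1;                      /* no header terminator */
    size_t content_start = (size_t)hdr + 4;

    long b = find_seq(part, part_len, boundary, strlen(boundary));
    if (b < 0) return -1;                        /* no boundary */
    size_t boundary_pos = (size_t)b;

    /* Compare before subtracting: this check is what prevents the underflow. */
    if (boundary_pos < content_start + 2) return -1;
    if (memcmp(part + boundary_pos - 2, "\r\n", 2) != 0) return -1;
    return (long)(boundary_pos - content_start - 2);
}
```

The malformed sample returns -1 rather than a wrapped length, which is the behaviour a patched parser should show for such input.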

Impact

Exploitation of this vulnerability causes applications or services using libsoup to crash or terminate unexpectedly, leading to a denial-of-service condition.

Remediation

Users can apply the available update for libsoup. Instructions for applying this update can be found on the Red Hat Customer Portal.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

Category          Score
spread              6.8
impact              2.5
exploitability      7.8
remediation         7.7
relevance           0.0
threat              0.0
urgency             2.9
incentive          10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.