libsoup
cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*
A stack-based buffer overflow vulnerability has been identified in libsoup, occurring during the parsing of multipart HTTP responses. This vulnerability arises from an incorrect length calculation, which allows a remote attacker to send a specially crafted multipart HTTP response that can lead to memory corruption. The flaw does not require authentication or user interaction, and can result in application crashes or arbitrary code execution in programs that handle untrusted server responses.
Exploitation of this vulnerability causes memory corruption, which can lead to application crashes or arbitrary code execution in the context of the affected application.
Applications using libsoup to process HTTP responses should be configured to communicate only with trusted endpoints. Additionally, network egress filtering can be implemented to prevent vulnerable applications from connecting to untrusted external services, thereby reducing the risk of exposure to malicious multipart HTTP responses.