RLSA-2025:4560
- Source
- https://errata.rockylinux.org/RLSA-2025:4560
- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2025:4560.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/RLSA-2025:4560
- Upstream
- Published
- 2025-07-29T13:38:26.982620Z
- Modified
- 2025-07-29T14:03:17.919617Z
- Severity
-
- 9.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- Important: libsoup security update
- Details
-
The libsoup packages provide an HTTP client and server library for GNOME.
Security Fix(es):
libsoup: Integer overflow in appendparamquoted (CVE-2025-32050)
libsoup: Heap buffer overflow in sniff_unknown() (CVE-2025-32052)
libsoup: Heap buffer overflows in snifffeedorhtml() and skipinsignificant_space() (CVE-2025-32053)
libsoup: Out of bounds reads in soupheadersparse_request() (CVE-2025-32906)
libsoup: Double free on soupmessageheadersgetcontent_disposition() through "soup-message-headers.c" via "params" GHashTable value (CVE-2025-32911)
libsoup: NULL pointer dereference in soupmessageheadersgetcontent_disposition when "filename" parameter is present, but has no value in Content-Disposition header (CVE-2025-32913)
libsoup: Information disclosure may leads libsoup client sends Authorization header to a different host when being redirected by a server (CVE-2025-46421)
libsoup: Memory leak on soupheaderparsequalitylist() via soup-headers.c (CVE-2025-46420)
libsoup: Integer overflow in appendparamquoted [rhel-8.10.z] (CVE-2025-32050)
libsoup: Heap buffer overflow in sniff_unknown() [rhel-8.10.z] (CVE-2025-32052)
libsoup: Heap buffer overflows in snifffeedorhtml() and skipinsignificant_space() [rhel-8.10.z] (CVE-2025-32053)
libsoup: Out of bounds reads in soupheadersparse_request() [rhel-8.10.z] (CVE-2025-32906)
libsoup: Double free on soupmessageheadersgetcontent_disposition() through "soup-message-headers.c" via "params" GHashTable value [rhel-8.10.z] (CVE-2025-32911)
libsoup: NULL pointer dereference in soupmessageheadersgetcontent_disposition when "filename" parameter is present, but has no value in Content-Disposition header [rhel-8.10.z] (CVE-2025-32913)
libsoup: Memory leak on soupheaderparsequalitylist() via soup-headers.c [rhel-8.10.z] (CVE-2025-46420)
libsoup: Information disclosure may leads libsoup client sends Authorization header to a different host when being redirected by a server [rhel-8.10.z] (CVE-2025-46421)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
- References
-
- https://errata.rockylinux.org/RLSA-2025:4560
- https://bugzilla.redhat.com/show_bug.cgi?id=2357067
- https://bugzilla.redhat.com/show_bug.cgi?id=2357069
- https://bugzilla.redhat.com/show_bug.cgi?id=2357070
- https://bugzilla.redhat.com/show_bug.cgi?id=2359341
- https://bugzilla.redhat.com/show_bug.cgi?id=2359355
- https://bugzilla.redhat.com/show_bug.cgi?id=2359357
- https://bugzilla.redhat.com/show_bug.cgi?id=2361962
- https://bugzilla.redhat.com/show_bug.cgi?id=2361963
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/rocky-linux/libsoup?distro=rocky-linux-8&epoch=0