PT-2025-16238 · Libsoup+10 · Libsoup+10

Published

2024-11-25

·

Updated

2025-11-18

·

CVE-2025-32906

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: libsoup (affected versions not specified)
Description: A flaw was found in libsoup, where the soup headers parse request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025:4560
ALSA-2025:7436
ALSA-2025:7505
ALSA-2025:8292
AZL-60383
AZL-60433
BDU:2025-06567
CESA-2025_4560
CESA-2025_8292
CVE-2025-32906
DLA-4140-1
INFSA-2025_4560
INFSA-2025_7436
INFSA-2025_8292
MGASA-2025-0261
OESA-2025-1460
OPENSUSE-SU-2025:15189-1
OPENSUSE-SU-2025_1504-1
OPENSUSE-SU-2025_1510-1
RHSA-2025:4439
RHSA-2025:4440
RHSA-2025:4508
RHSA-2025:4538
RHSA-2025:4560
RHSA-2025:4568
RHSA-2025:4609
RHSA-2025:4624
RHSA-2025:7436
RHSA-2025:7505
RHSA-2025:8292
RHSA-2025:9179
RHSA-2025_4560
RHSA-2025_7436
RHSA-2025_8292
SUSE-SU-2025:01504-1
SUSE-SU-2025:01794-1
SUSE-SU-2025:01801-1
SUSE-SU-2025:01802-1
SUSE-SU-2025:01864-1
SUSE-SU-2025:1504-1
SUSE-SU-2025:1510-1
SUSE-SU-2025:20375-1
SUSE-SU-2025:20446-1
SUSE-SU-2025_01794-1
SUSE-SU-2025_01801-1
SUSE-SU-2025_01802-1
SUSE-SU-2025_01864-1
USN-7490-1
USN-7490-3

Affected Products

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Libsoup