Buffer Under-read Vulnerability in Libsoup Affects Red Hat Products
CVE-2025-32050

5.9MEDIUM

Key Information:

Vendor
Red Hat
Status
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat Enterprise Linux 9.4 Extended Update Support
Vendor
CVE Published:
3 April 2025

Summary

A security flaw has been identified in Libsoup, specifically within the append_param_quoted() function, which may lead to a buffer under-read. This issue could potentially allow an attacker to manipulate memory in ways that might result in unauthorized access or data exposure. Users are encouraged to apply necessary updates to mitigate any risks associated with this vulnerability.

Affected Version(s)

Red Hat Enterprise Linux 8 0:2.62.3-8.el8_10

Red Hat Enterprise Linux 8 0:2.62.3-8.el8_10

Red Hat Enterprise Linux 8.8 Extended Update Support 0:2.62.3-3.el8_8.4

References

https://access.redhat.com/errata/RHSA-2025:4440
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.