Out-of-Bounds Read Vulnerability in Libsoup Affects Red Hat Products
CVE-2025-32914

7.4 HIGH

Summary

A vulnerability has been identified in Libsoup in which an HTTP client can abuse the soup_multipart_new_from_message() function to cause an out-of-bounds read. The flaw lets an attacker trick a Libsoup server into accessing memory outside the intended bounds, which could lead to unauthorized data access or application instability. Users and administrators of affected Red Hat products should evaluate this vulnerability and implement appropriate security measures.

CVSS V3.1

Score: 7.4
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
