SUSE 15-SP6: 2025:1504-1 important: libsoup buffer overflow fix

suse

May 7, 2025

* bsc#1240750 * bsc#1240752 * bsc#1240754 * bsc#1240756 * bsc#1240757

Summary

## This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI (bsc#1240754) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222)

Topics Covered

security advisory buffer overflow important memory leak SUSE libsoup

References

* bsc#1240750

* bsc#1240752

* bsc#1240754

* bsc#1240756

* bsc#1240757

* bsc#1241162

* bsc#1241164

* bsc#1241214

* bsc#1241222

* bsc#1241223

* bsc#1241226

* bsc#1241238

* bsc#1241252

* bsc#1241263

* bsc#1241686

* bsc#1241688

Cross-

* CVE-2025-2784

* CVE-2025-32050

* CVE-2025-32051

* CVE-2025-32052

* CVE-2025-32053

* CVE-2025-32906

* CVE-2025-32907

* CVE-2025-32908

* CVE-2025-32909

* CVE-2025-32910

* CVE-2025-32911

* CVE-2025-32912

* CVE-2025-32913

* CVE-2025-32914

* CVE-2025-46420

* CVE-2025-46421

CVSS scores:

* CVE-2025-2784 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-32050 ( SUSE ): 6.0

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2025:1504-1

Release Date: 2025-05-07T12:06:19Z

Rating: important

Topics Covered

security advisory buffer overflow important memory leak SUSE libsoup

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15-SP6: 2025:1504-1 important: libsoup buffer overflow fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15-SP6: 2025:1504-1 important: libsoup buffer overflow fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!