Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Linux Micro 6.1: 2025:20446-1 important: libsoup update

suse
Calendar Grey June 30, 2025
Dist Suse Esm H88
SUSE issues significant patch for libsoup that tackles various concerns, improving both security and overall system reliability.
* bsc#1240750 * bsc#1240752 * bsc#1240754 * bsc#1240756 * bsc#1240757

Summary

## This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) * CVE-2025-32050:Fixed Integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32051:Fixed Segmentation fault when parsing malformed data URI (bsc#1240754) * CVE-2025-32052:Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053:Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32913:Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) * CVE-2025-32914:Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164)

Topics%20covered

Topics Covered

security advisory important heap overflow suse libsoup buffer over-read

References

* bsc#1240750

* bsc#1240752

* bsc#1240754

* bsc#1240756

* bsc#1240757

* bsc#1241162

* bsc#1241164

* bsc#1241214

* bsc#1241222

* bsc#1241223

* bsc#1241226

* bsc#1241238

* bsc#1241252

* bsc#1241263

* bsc#1241686

* bsc#1241688

Cross-

* CVE-2025-2784

* CVE-2025-32050

* CVE-2025-32051

* CVE-2025-32052

* CVE-2025-32053

* CVE-2025-32906

* CVE-2025-32907

* CVE-2025-32908

* CVE-2025-32909

* CVE-2025-32910

* CVE-2025-32911

* CVE-2025-32912

* CVE-2025-32913

* CVE-2025-32914

* CVE-2025-46420

* CVE-2025-46421

CVSS scores:

* CVE-2025-2784 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-2784 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20446-1
Release Date: 2025-06-25T08:16:46Z
Rating: important

Topics%20covered

Topics Covered

security advisory important heap overflow suse libsoup buffer over-read

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here