Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 24.10: USN-7432-1 critical: libsoup denial of service

ubuntu
Calendar Grey April 10, 2025
Dist Ubuntu Esm H88
A variety of vulnerabilities in libsoup have been patched across numerous Ubuntu versions. It is advisable to perform updates for enhanced security.
Several security issues were fixed in libsoup.

Summary

Several security issues were fixed in libsoup.

Software Description:

- libsoup2.4: HTTP client/server library for GNOME

- libsoup3: GObject introspection data for the libsoup HTTP library

Details:

It was discovered that libsoup could be made to read out of bounds. An

attacker could possibly use this issue to cause applications using

libsoup to crash, resulting in a denial of service. (CVE-2025-2784,

CVE-2025-32050, CVE-2025-32052, CVE-2025-32053)

It was discovered that libsoup could be made to dereference invalid

memory. An attacker could possibly use this issue to cause applications

using libsoup to crash, resulting in a denial of service.

(CVE-2025-32051)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   libsoup-2.4-1                   2.74.3-7ubuntu0.2
   libsoup-3.0-0                   3.6.0-2ubuntu0.2

Ubuntu 24.04 LTS
   libsoup-2.4-1                   2.74.3-6ubuntu1.2
   libsoup-3.0-0                   3.4.4-5ubuntu0.2

Ubuntu 22.04 LTS
   libsoup-3.0-0                   3.0.7-0ubuntu1+esm2
                                   Available with Ubuntu Pro
   libsoup2.4-1                    2.74.2-3ubuntu0.2

Ubuntu 20.04 LTS
   libsoup2.4-1                    2.70.0-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7432-1

  CVE-2025-2784, CVE-2025-32050, CVE-2025-32051, CVE-2025-32052,

  CVE-2025-32053

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7432-1

Package Information

  https://launchpad.net/ubuntu/+source/libsoup3/3.6.0-2ubuntu0.2
  https://launchpad.net/ubuntu/+source/libsoup3/3.4.4-5ubuntu0.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here