CVE-2025-32913: NULL Pointer Dereference
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.
AI Analysis
Technical Summary
CVE-2025-32913 identifies a NULL pointer dereference vulnerability in the libsoup library, specifically within the function soup_message_headers_get_content_disposition(). Libsoup is a widely used HTTP client/server library in GNOME and other Linux-based environments. The vulnerability arises when the function attempts to access or parse the Content-Disposition header without properly validating the pointer, leading to a NULL pointer dereference. This causes the application using libsoup to crash, resulting in a denial of service (DoS). The flaw can be exploited remotely by an unauthenticated attacker who sends a specially crafted HTTP message to a vulnerable libsoup client or server. Since no authentication or user interaction is required, exploitation is straightforward over the network. The vulnerability does not allow code execution or data leakage but disrupts service availability. The CVSS v3.1 base score of 7.5 reflects the network attack vector, low attack complexity, no privileges required, no user interaction, and a high impact on availability. No patches or exploits are currently documented, but the risk remains significant for systems relying on libsoup for HTTP communications.
Potential Impact
The primary impact of CVE-2025-32913 is denial of service through application crashes, which can disrupt services relying on libsoup for HTTP communication. This can affect web clients, servers, and embedded devices using libsoup, potentially causing downtime and service unavailability. Organizations that deploy applications or services built on GNOME or other Linux-based platforms using libsoup may experience interruptions, impacting business continuity and user experience. Although the vulnerability does not compromise confidentiality or integrity, repeated exploitation could lead to sustained outages or be leveraged as part of a broader denial-of-service campaign. Critical infrastructure or services that depend on stable HTTP communications could be particularly vulnerable to operational disruptions. The lack of authentication or user interaction requirements increases the risk of widespread exploitation.
Mitigation Recommendations
Organizations should monitor for official patches or updates from libsoup maintainers and apply them promptly once available. In the interim, network-level mitigations such as filtering or blocking suspicious HTTP traffic that might exploit malformed Content-Disposition headers can reduce exposure. Employing web application firewalls (WAFs) or intrusion prevention systems (IPS) with custom rules to detect and block malformed HTTP headers targeting libsoup may help mitigate risk. Developers should audit and harden code that uses libsoup, ensuring robust input validation and error handling around HTTP header parsing. Where feasible, isolating or sandboxing applications using libsoup can limit the impact of crashes. Regularly updating all dependencies and monitoring security advisories related to libsoup and GNOME components is essential. Finally, implementing redundancy and failover mechanisms can reduce service disruption caused by potential crashes.
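Since only software that calls soup_message_headers_get_content_disposition() is exposed, an audit can start by locating its call sites. The Python script below is an added example, not part of this advisory or of libsoup; the file extensions, the constructed sample source and the name-match heuristic for ELF binaries are assumptions.

```python
import os
import re

# Function named in the advisory; only code that calls it is exposed.
AFFECTED_SYMBOL = "soup_message_headers_get_content_disposition"
SOURCE_EXTS = {".c", ".h", ".cc", ".cpp"}  # assumption: C/C++ callers only
CALL_RE = re.compile(r"\b" + AFFECTED_SYMBOL + r"\s*\(")
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)

# Constructed sample: one commented-out call (line 1), one live call (line 5).
SAMPLE_SOURCE = """\
/* old: soup_message_headers_get_content_disposition (hdrs, &d, &p); */
static void on_got_headers (SoupMessage *msg) {
    char *disp = NULL;
    GHashTable *params = NULL;
    soup_message_headers_get_content_disposition (
        soup_message_get_response_headers (msg), &disp, &params);
}
"""

def source_call_sites(text):
    """Return 1-based line numbers of calls, ignoring commented-out code."""
    # Blank comments but keep their newlines so line numbers stay correct.
    stripped = COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), text)
    return [stripped.count("\n", 0, m.start()) + 1 for m in CALL_RE.finditer(stripped)]

def binary_references_symbol(data):
    """Heuristic: an ELF importing the function carries its name as a string."""
    return data[:4] == b"\x7fELF" and AFFECTED_SYMBOL.encode() in data

def audit_tree(root):
    """Map relative path -> call-site line numbers, or ['ELF import'] for binaries."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # unreadable file: skip rather than abort the audit
            rel = os.path.relpath(path, root)
            if os.path.splitext(name)[1] in SOURCE_EXTS:
                lines = source_call_sites(data.decode("utf-8", "replace"))
                if lines:
                    findings[rel] = lines
            elif binary_references_symbol(data):
                findings[rel] = ["ELF import"]
    return findings

if __name__ == "__main__":
    print("sample call sites:", source_call_sites(SAMPLE_SOURCE))
```

A hit in a binary only shows that the function is referenced; whether the installed libsoup build is fixed still has to be confirmed against the distribution's advisory.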
Affected Countries
United States, Germany, France, United Kingdom, Canada, Japan, South Korea, India, Australia, Netherlands
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-04-14T01:59:13.827Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9815c4522896dcbd6452
Added to database: 5/21/2025, 9:08:37 AM
Last enriched: 2/27/2026, 1:17:44 PM
Last updated: 3/26/2026, 9:06:24 AM