Red Hat Security Advisory: libsoup security update
Multiple security vulnerabilities were identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.2. These include out-of-bounds reads, double free, NULL pointer dereference, information disclosure via improper Authorization header forwarding, and memory leaks. Red Hat has issued a security advisory (RHSA-2025:4538) addressing these issues with updated packages. The vulnerabilities have been rated as having an important security impact. No confirmed exploits in the wild are reported. Users are advised to apply the provided updates to remediate these issues.
AI Analysis
Technical Summary
The libsoup library used in GNOME for HTTP client and server functionality contains multiple vulnerabilities: CVE-2025-32906 involves out-of-bounds reads in soup_headers_parse_request(); CVE-2025-32911 is a double free vulnerability in soup_message_headers_get_content_disposition() related to GHashTable values; CVE-2025-32913 is a NULL pointer dereference in the same function when a 'filename' parameter is present but empty; CVE-2025-46421 concerns information disclosure where the libsoup client may send Authorization headers to unintended hosts during redirects; and CVE-2025-46420 is a memory leak in soup_header_parse_quality_list(). Red Hat has released updated libsoup packages for Red Hat Enterprise Linux 8.2 to address these issues as detailed in advisory RHSA-2025:4538.
Potential Impact
These vulnerabilities can lead to memory corruption issues such as out-of-bounds reads, double frees, and NULL pointer dereferences, potentially causing application crashes or undefined behavior. The information disclosure vulnerability may allow sensitive Authorization headers to be sent to unintended hosts during HTTP redirects, risking credential leakage. The memory leak could degrade application performance over time. Collectively, these issues pose a significant risk to applications relying on libsoup for HTTP communications.
Mitigation Recommendations
Red Hat has released updated libsoup packages for Red Hat Enterprise Linux 8.2 that address these vulnerabilities. Users should apply these official patches as described in Red Hat advisory RHSA-2025:4538 and the referenced update article (https://access.redhat.com/articles/11258). No additional mitigation steps are indicated beyond applying the vendor-provided updates.
Red Hat Security Advisory: libsoup security update
Description
Multiple security vulnerabilities were identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.2. These include out-of-bounds reads, double free, NULL pointer dereference, information disclosure via improper Authorization header forwarding, and memory leaks. Red Hat has issued a security advisory (RHSA-2025:4538) addressing these issues with updated packages. The vulnerabilities have been rated as having an important security impact. No confirmed exploits in the wild are reported. Users are advised to apply the provided updates to remediate these issues.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The libsoup library used in GNOME for HTTP client and server functionality contains multiple vulnerabilities: CVE-2025-32906 involves out-of-bounds reads in soup_headers_parse_request(); CVE-2025-32911 is a double free vulnerability in soup_message_headers_get_content_disposition() related to GHashTable values; CVE-2025-32913 is a NULL pointer dereference in the same function when a 'filename' parameter is present but empty; CVE-2025-46421 concerns information disclosure where the libsoup client may send Authorization headers to unintended hosts during redirects; and CVE-2025-46420 is a memory leak in soup_header_parse_quality_list(). Red Hat has released updated libsoup packages for Red Hat Enterprise Linux 8.2 to address these issues as detailed in advisory RHSA-2025:4538.
Potential Impact
These vulnerabilities can lead to memory corruption issues such as out-of-bounds reads, double frees, and NULL pointer dereferences, potentially causing application crashes or undefined behavior. The information disclosure vulnerability may allow sensitive Authorization headers to be sent to unintended hosts during HTTP redirects, risking credential leakage. The memory leak could degrade application performance over time. Collectively, these issues pose a significant risk to applications relying on libsoup for HTTP communications.
Mitigation Recommendations
Red Hat has released updated libsoup packages for Red Hat Enterprise Linux 8.2 that address these vulnerabilities. Users should apply these official patches as described in Red Hat advisory RHSA-2025:4538 and the referenced update article (https://access.redhat.com/articles/11258). No additional mitigation steps are indicated beyond applying the vendor-provided updates.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:4538
- Cve Count
- 5
- Additional Cves
- ["CVE-2025-32911","CVE-2025-32913","CVE-2025-46420","CVE-2025-46421"]
- Cvss Version
- null
Threat ID: 6a4049eb27e9c79719836a5f
Added to database: 06/27/2026, 22:08:43 UTC
Last enriched: 06/27/2026, 22:40:50 UTC
Last updated: 06/27/2026, 22:51:26 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.