Threats Tagged 'cve-2026-1761'

Two security vulnerabilities have been identified in the libsoup HTTP client and server library used in GNOME, affecting Red Hat Enterprise Linux 9.4 Extended Update Support and related variants. The first vulnerability (CVE-2026-0719) involves a signed to unsigned conversion error that leads to a stack-based buffer overflow during NTLM authentication. The second vulnerability (CVE-2026-1761) is a stack-based buffer overflow in multipart HTTP response parsing. Red Hat has issued an important security advisory with updated libsoup packages addressing these issues.

Two security vulnerabilities were identified in libsoup3, an HTTP library used by GNOME applications. The first is a signed to unsigned conversion error that leads to a stack-based buffer overflow in NTLM authentication (CVE-2026-0719). The second is a stack-based buffer overflow in multipart HTTP response parsing (CVE-2026-1761). These issues affect Red Hat Enterprise Linux 10.0 Extended Update Support and related CodeReady Linux Builder variants. Red Hat has released security updates addressing these vulnerabilities.

Two security vulnerabilities have been identified in the libsoup HTTP client and server library used in GNOME, affecting Red Hat Enterprise Linux 9.2. The first is a signed to unsigned conversion error that leads to a stack-based buffer overflow in libsoup NTLM authentication (CVE-2026-0719). The second is a stack-based buffer overflow in libsoup multipart response parsing (CVE-2026-1761). Red Hat has issued an important security advisory with updates to address these issues. The vulnerabilities are rated as having a high security impact. Updated libsoup packages are available for Red Hat Enterprise Linux 9.2 and related variants. Users should apply the provided updates to remediate these vulnerabilities.

Two security vulnerabilities have been identified in the libsoup HTTP client and server library used in GNOME, affecting Red Hat Enterprise Linux 8.8 variants. The first vulnerability (CVE-2026-0719) involves a signed to unsigned conversion error that leads to a stack-based buffer overflow during NTLM authentication. The second vulnerability (CVE-2026-1761) is a stack-based buffer overflow in multipart HTTP response parsing. Red Hat has issued an important security update addressing these issues for affected packages in RHEL 8.8. No CVSS scores are provided in the advisory.

Two stack-based buffer overflow vulnerabilities were identified in the libsoup HTTP client and server library used by GNOME. One is caused by a signed to unsigned conversion error in NTLM authentication (CVE-2026-0719), and the other occurs in multipart HTTP response parsing (CVE-2026-1761). These vulnerabilities affect Red Hat Enterprise Linux 9.6 Extended Update Support and related variants. Red Hat has issued security updates to address these issues.

Two stack-based buffer overflow vulnerabilities have been identified in the libsoup HTTP client and server library used by GNOME. One vulnerability (CVE-2026-0719) arises from a signed to unsigned conversion error in NTLM authentication, and the other (CVE-2026-1761) occurs during multipart HTTP response parsing. These issues affect Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions across multiple architectures. Red Hat has issued a security advisory with updated packages to address these vulnerabilities.

Two stack-based buffer overflow vulnerabilities have been identified in libsoup3, an HTTP library used by GNOME applications for asynchronous HTTP communication. The first vulnerability (CVE-2026-0719) arises from a signed to unsigned conversion error in NTLM authentication. The second (CVE-2026-1761) involves buffer overflow during multipart HTTP response parsing. These issues affect Red Hat Enterprise Linux 10 and related CodeReady Linux Builder packages. Red Hat has released security updates addressing these vulnerabilities.

Two stack-based buffer overflow vulnerabilities have been identified in libsoup, affecting the spice-client-win MSI installers for Windows clients on Red Hat Enterprise Linux 8. One vulnerability (CVE-2026-0719) is due to a signed to unsigned conversion error in NTLM authentication, and the other (CVE-2026-1761) occurs during multipart HTTP response parsing. Red Hat has released security updates addressing these issues for multiple architectures and extended life cycle versions of Red Hat Enterprise Linux 8.

Two security vulnerabilities have been identified in the libsoup HTTP client and server library used in GNOME, affecting Red Hat Enterprise Linux 8. These include a signed to unsigned conversion error causing a stack-based buffer overflow in NTLM authentication (CVE-2026-0719) and a stack-based buffer overflow in multipart HTTP response parsing (CVE-2026-1761). Red Hat has issued an important security advisory with updated libsoup packages to address these issues.

Two security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, used in Red Hat Enterprise Linux 9. These include a signed to unsigned conversion error causing a stack-based buffer overflow in NTLM authentication (CVE-2026-0719) and a stack-based buffer overflow in multipart HTTP response parsing (CVE-2026-1761). Red Hat has issued an important security advisory with updates to address these issues. The vulnerabilities are rated as having important security impact, and updated libsoup packages are available for Red Hat Enterprise Linux 9 across multiple architectures.