ALT-BU-2025-7951-1
Branch c10f2 update bulletin.
Closed vulnerabilities
BDU:2025-00232
Уязвимость функции soup_header_parse_param_list_strict() библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-04853
Уязвимость функции append_param_quoted() библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-05231
Уязвимость функций sniff_feed_or_html() и skip_insignificant_space() библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-05232
Уязвимость функции sniff_unknown() библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-05737
Уязвимость функции skip_insight_whitespace() библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-05738
Уязвимость библиотеки libsoup графического интерфейса GNOME, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-09-04
CVE-2024-52530
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header.
Modified: 2025-09-04
CVE-2024-52531
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
- https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
- https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401
- https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
- https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html
Modified: 2025-09-05
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
Modified: 2025-06-20
CVE-2025-2784
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
- https://access.redhat.com/errata/RHSA-2025:7505
- https://access.redhat.com/errata/RHSA-2025:8126
- https://access.redhat.com/errata/RHSA-2025:8132
- https://access.redhat.com/errata/RHSA-2025:8139
- https://access.redhat.com/errata/RHSA-2025:8140
- https://access.redhat.com/errata/RHSA-2025:8252
- https://access.redhat.com/errata/RHSA-2025:8480
- https://access.redhat.com/errata/RHSA-2025:8481
- https://access.redhat.com/errata/RHSA-2025:8482
- https://access.redhat.com/errata/RHSA-2025:8663
- https://access.redhat.com/errata/RHSA-2025:9179
- https://access.redhat.com/security/cve/CVE-2025-2784
- https://bugzilla.redhat.com/show_bug.cgi?id=2354669
- https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
- https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
Modified: 2025-05-29
CVE-2025-32050
A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.
- https://access.redhat.com/errata/RHSA-2025:4440
- https://access.redhat.com/errata/RHSA-2025:4508
- https://access.redhat.com/errata/RHSA-2025:4560
- https://access.redhat.com/errata/RHSA-2025:4568
- https://access.redhat.com/errata/RHSA-2025:7436
- https://access.redhat.com/errata/RHSA-2025:8292
- https://access.redhat.com/security/cve/CVE-2025-32050
- https://bugzilla.redhat.com/show_bug.cgi?id=2357067
Modified: 2025-05-29
CVE-2025-32052
A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.
- https://access.redhat.com/errata/RHSA-2025:4440
- https://access.redhat.com/errata/RHSA-2025:4508
- https://access.redhat.com/errata/RHSA-2025:4560
- https://access.redhat.com/errata/RHSA-2025:4568
- https://access.redhat.com/errata/RHSA-2025:7436
- https://access.redhat.com/errata/RHSA-2025:8292
- https://access.redhat.com/security/cve/CVE-2025-32052
- https://bugzilla.redhat.com/show_bug.cgi?id=2357069
Modified: 2025-05-29
CVE-2025-32053
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.
- https://access.redhat.com/errata/RHSA-2025:4440
- https://access.redhat.com/errata/RHSA-2025:4508
- https://access.redhat.com/errata/RHSA-2025:4560
- https://access.redhat.com/errata/RHSA-2025:4568
- https://access.redhat.com/errata/RHSA-2025:7436
- https://access.redhat.com/errata/RHSA-2025:8292
- https://access.redhat.com/security/cve/CVE-2025-32053
- https://bugzilla.redhat.com/show_bug.cgi?id=2357070
Closed vulnerabilities
BDU:2025-05986
Уязвимость библиотеки захвата и декодирования VBI libzvbi, связанная с целочисленным переполнением в функции vbi_capture_sim_load_caption(), позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-2176
A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The identifier of the patch is ca1672134b3e2962cd392212c73f44f8f4cb489f. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.
- https://github.com/zapping-vbi/zvbi/commit/ca1672134b3e2962cd392212c73f44f8f4cb489f
- https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44
- https://github.com/zapping-vbi/zvbi/security/advisories/GHSA-g7cg-7gw9-v8cf
- https://vuldb.com/?ctiid.299205
- https://vuldb.com/?id.299205
- https://vuldb.com/?submit.512802