CVE-2025-2784
Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Produtos afetados
libsoupRed Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2025:21657https://access.redhat.com/errata/RHSA-2025:7505https://access.redhat.com/errata/RHSA-2025:8126https://access.redhat.com/errata/RHSA-2025:8132https://access.redhat.com/errata/RHSA-2025:8139https://access.redhat.com/errata/RHSA-2025:8140https://access.redhat.com/errata/RHSA-2025:8252https://access.redhat.com/errata/RHSA-2025:8480https://access.redhat.com/errata/RHSA-2025:8481https://access.redhat.com/errata/RHSA-2025:8482https://access.redhat.com/errata/RHSA-2025:8663https://access.redhat.com/errata/RHSA-2025:9179