Red Hat Product Errata RHSA-2025:8482 - Security Advisory
Issued:
2025-06-04
Updated:
2025-06-04

RHSA-2025:8482 - Security Advisory

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

  • libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content (CVE-2025-2784)
  • libsoup: Denial of Service attack to websocket server (CVE-2025-32049)
  • libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process (CVE-2025-32914)
  • libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2354669 - CVE-2025-2784 libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content
  • BZ - 2357066 - CVE-2025-32049 libsoup: Denial of Service attack to websocket server
  • BZ - 2359358 - CVE-2025-32914 libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
  • BZ - 2367183 - CVE-2025-4948 libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
libsoup-2.62.3-2.el8_6.5.src.rpm SHA-256: f0a2b9a5170b7f86f3851b55fb522b05dacfcecc17d0373b8587b063d5785afe
x86_64
libsoup-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9110f59ccf61365dadd21243e432bab194e98ad5d41a41ef3a6d4aa45475d636
libsoup-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: c655fc94c8e729aa85cb49cec39e0a0eaad0ae0a791db5b794928576a0589ee1
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-devel-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9dd3acb0fe0703e7b1e1c60806e2b0ec17d1e08ee46cbaca250d64e1d3fb518d
libsoup-devel-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: 694bcf42f630df9f970325d2fc1c758a27e9780a1407437cc9650d378b9bf40d

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
libsoup-2.62.3-2.el8_6.5.src.rpm SHA-256: f0a2b9a5170b7f86f3851b55fb522b05dacfcecc17d0373b8587b063d5785afe
x86_64
libsoup-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9110f59ccf61365dadd21243e432bab194e98ad5d41a41ef3a6d4aa45475d636
libsoup-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: c655fc94c8e729aa85cb49cec39e0a0eaad0ae0a791db5b794928576a0589ee1
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-devel-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9dd3acb0fe0703e7b1e1c60806e2b0ec17d1e08ee46cbaca250d64e1d3fb518d
libsoup-devel-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: 694bcf42f630df9f970325d2fc1c758a27e9780a1407437cc9650d378b9bf40d

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
libsoup-2.62.3-2.el8_6.5.src.rpm SHA-256: f0a2b9a5170b7f86f3851b55fb522b05dacfcecc17d0373b8587b063d5785afe
x86_64
libsoup-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9110f59ccf61365dadd21243e432bab194e98ad5d41a41ef3a6d4aa45475d636
libsoup-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: c655fc94c8e729aa85cb49cec39e0a0eaad0ae0a791db5b794928576a0589ee1
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-devel-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9dd3acb0fe0703e7b1e1c60806e2b0ec17d1e08ee46cbaca250d64e1d3fb518d
libsoup-devel-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: 694bcf42f630df9f970325d2fc1c758a27e9780a1407437cc9650d378b9bf40d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
libsoup-2.62.3-2.el8_6.5.src.rpm SHA-256: f0a2b9a5170b7f86f3851b55fb522b05dacfcecc17d0373b8587b063d5785afe
ppc64le
libsoup-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: 06df11cc0366a1ee7279e20767fee440cf8bbbd345a0a4e9c58ae9533ba51a22
libsoup-debuginfo-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: fde7346c3d496c43aedb8ee73e46da379051fc7439bf0bf76a2d5153fd7742c7
libsoup-debuginfo-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: fde7346c3d496c43aedb8ee73e46da379051fc7439bf0bf76a2d5153fd7742c7
libsoup-debugsource-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: 290e9715a45dd3f85d4f06032ce8d0abaa78cab8528292485007432c9274dd7b
libsoup-debugsource-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: 290e9715a45dd3f85d4f06032ce8d0abaa78cab8528292485007432c9274dd7b
libsoup-devel-2.62.3-2.el8_6.5.ppc64le.rpm SHA-256: cc4e777c4b9c9ea1e77ed2603914f8250148ec31111ee3fb911f6d66c2061c25

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
libsoup-2.62.3-2.el8_6.5.src.rpm SHA-256: f0a2b9a5170b7f86f3851b55fb522b05dacfcecc17d0373b8587b063d5785afe
x86_64
libsoup-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9110f59ccf61365dadd21243e432bab194e98ad5d41a41ef3a6d4aa45475d636
libsoup-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: c655fc94c8e729aa85cb49cec39e0a0eaad0ae0a791db5b794928576a0589ee1
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.i686.rpm SHA-256: 54d05e97be37211c1468e840aa1ed8526a246d4af3f7953e55b26e107399e355
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debuginfo-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: eedf31c9670b453643c04284cf32577379ffa6104290b2046e84f0f8cf38db0a
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.i686.rpm SHA-256: 2fc85d4f734245c6bb1e71ebc0228b77993de628666be878c8b09bc3e6cf42f5
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-debugsource-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: f877bce3dc07a0b54c1ebc1b928e7316bbc4ff584af3aed0f5ad49c716c796a4
libsoup-devel-2.62.3-2.el8_6.5.i686.rpm SHA-256: 9dd3acb0fe0703e7b1e1c60806e2b0ec17d1e08ee46cbaca250d64e1d3fb518d
libsoup-devel-2.62.3-2.el8_6.5.x86_64.rpm SHA-256: 694bcf42f630df9f970325d2fc1c758a27e9780a1407437cc9650d378b9bf40d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.