CVE-2025-32913
HIGHRed Hat Enterprise Linux 7 Extended Lifecycle Support - Denial of Service via NULL Pointer Dereference in libsoup
Title source: llmDescription
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.
References (15)
Core 15
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:21657
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4439
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4440
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4508
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4538
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4560
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4568
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4609
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:4624
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:7436
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:8292
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:9179
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-32913
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2359357
Scores
CVSS v3
7.5
EPSS
0.0038
EPSS Percentile
59.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (19)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support
0:2.62.2-6.el7_9
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support
0:2.62.2-9.el7_9
Red Hat/Red Hat Enterprise Linux 8
0:2.62.3-8.el8_10
Red Hat/Red Hat Enterprise Linux 8
0:2.8-3.el8_10.1
Red Hat/Red Hat Enterprise Linux 8
0:8.10-1
Red Hat/Red Hat Enterprise Linux 8.2 Advanced Update Support
0:2.62.3-1.el8_2.4
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
0:2.62.3-2.el8_4.4
Red Hat/Red Hat Enterprise Linux 8.4 Telecommunications Update Service
0:2.62.3-2.el8_4.4
... and 9 more
Published
Apr 14, 2025
Tracked Since
Feb 18, 2026