Libsoup: soupmultipartinputstream: libsoup: out-of-bounds read in soup_multipart_input_stream_read_headers via an oversized multipart boundary string
Summary
An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
What this means
In plain English
An out-of-bounds read occurs when libsoup processes a crafted HTTP response with a malformed or oversized multipart boundary parameter. The vulnerable stream reader can read beyond its allocated buffer. A remote, unauthenticated attacker could trigger service denial through application failure and might expose fragments of memory metadata.
Recommended action
The vendor has not specified a fixed release, workaround, or other mitigation. Follow the official advisory for remediation guidance.
Written by AI strictly from the parsed advisory data above — versions, scores and dates are never AI-generated. The vendor advisory is authoritative.
Affected versions
No affected-version range was extracted from the source record. The vendor advisory is authoritative — check it before change work.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Mitigation
The source record does not include mitigation steps. That is not a statement that no fix exists — read the vendor advisory below for the authoritative guidance.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.