ALAS2023-2025-941


Amazon Linux 2023 Security Advisory: ALAS2023-2025-941
Advisory Released Date: 2025-04-29
Advisory Updated Date: 2025-04-29
Severity: Important

Issue Overview:

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. (CVE-2025-2784)

A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read. (CVE-2025-32050)

A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing a malformed data URI. This flaw allows an attacker to cause a denial of service (DoS). (CVE-2025-32051)

A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read. (CVE-2025-32052)

A flaw was found in libsoup. A vulnerability in the sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read. (CVE-2025-32053)

A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bounds read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. (CVE-2025-32906)

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. A malicious HTTP server may use this to crash the libsoup client. (CVE-2025-32909)

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash. (CVE-2025-32910)

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function (in "soup-message-headers.c") may double free the "params" GHashTable value. (CVE-2025-32911)

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. A malicious HTTP server may use this to crash the libsoup client. (CVE-2025-32912)

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. (CVE-2025-32913)


Affected Packages:

libsoup3


Issue Correction:
Run dnf update libsoup3 --releasever 2023.7.20250428 to update your system.
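The following POSIX shell script is an added example, not part of this advisory or of Amazon's tooling: it checks whether the installed libsoup3 build is at or above the fixed build 3.6.5-47.amzn2023. It assumes RPM-style "VERSION-RELEASE" strings as printed by rpm(1); the version comparison is a simplified form of rpmvercmp written for this example.

```shell
#!/bin/sh
# Added example (not from the advisory): is the installed libsoup3 build at
# or above the fixed build from ALAS2023-2025-941? Assumes RPM-style
# "VERSION-RELEASE" strings, e.g. from rpm -q --qf '%{VERSION}-%{RELEASE}'.
FIXED_VR="3.6.5-47.amzn2023"   # fixed build listed in the advisory
# is_num S: succeed when S is a non-empty run of decimal digits.
is_num() { case "$1" in ''|*[!0-9]*) return 1 ;; *) return 0 ;; esac; }
# vr_cmp A B: print -1, 0 or 1 as A is older than, equal to or newer than B.
# Dots and hyphens both split segments; numeric segments compare as integers,
# anything else lexically, and the string with segments left over is newer.
# Simplified rpmvercmp, sufficient for the N.N.N-NN.amzn2023 scheme.
vr_cmp() {
    a=$(printf '%s' "$1" | sed 's/-/./g')
    b=$(printf '%s' "$2" | sed 's/-/./g')
    while [ -n "$a" ] || [ -n "$b" ]; do
        sa=${a%%.*}; sb=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a='' ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b='' ;; esac
        if [ -z "$sa" ] && [ -n "$sb" ]; then echo -1; return; fi
        if [ -n "$sa" ] && [ -z "$sb" ]; then echo 1; return; fi
        if is_num "$sa" && is_num "$sb"; then
            [ "$sa" -lt "$sb" ] && { echo -1; return; }
            [ "$sa" -gt "$sb" ] && { echo 1; return; }
        elif [ "$sa" != "$sb" ]; then
            first=$(printf '%s\n%s\n' "$sa" "$sb" | sort | head -n 1)
            [ "$first" = "$sa" ] && echo -1 || echo 1
            return
        fi
    done
    echo 0
}
# libsoup3_is_fixed INSTALLED_VR: succeed when the build is not vulnerable.
libsoup3_is_fixed() { [ "$(vr_cmp "$1" "$FIXED_VR")" -ge 0 ]; }
# main [INSTALLED_VR]: report the given (or locally installed) build;
# exits 0 when fixed, 1 when an update is needed, 2 when unknown.
main() {
    installed=${1:-$(rpm -q libsoup3 >/dev/null 2>&1 && rpm -q --qf '%{VERSION}-%{RELEASE}\n' libsoup3 | head -n 1)}
    if [ -z "$installed" ]; then
        echo "libsoup3: not installed, or rpm not available"; return 2
    elif libsoup3_is_fixed "$installed"; then
        echo "libsoup3 $installed: fixed for ALAS2023-2025-941"
    else
        echo "libsoup3 $installed: VULNERABLE, run: dnf update libsoup3 --releasever 2023.7.20250428"
        return 1
    fi
}
# Run the check only when given a version or when rpm exists on this host.
if [ -n "${1:-}" ] || command -v rpm >/dev/null 2>&1; then main "$@"; fi
```

Pass a version-release string as the first argument to check a value collected from another host (for example from a fleet inventory) without needing rpm locally.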

New Packages:
aarch64:
    libsoup3-debuginfo-3.6.5-47.amzn2023.aarch64
    libsoup3-debugsource-3.6.5-47.amzn2023.aarch64
    libsoup3-devel-3.6.5-47.amzn2023.aarch64
    libsoup3-3.6.5-47.amzn2023.aarch64

noarch:
    libsoup3-doc-3.6.5-47.amzn2023.noarch

src:
    libsoup3-3.6.5-47.amzn2023.src

x86_64:
    libsoup3-debuginfo-3.6.5-47.amzn2023.x86_64
    libsoup3-devel-3.6.5-47.amzn2023.x86_64
    libsoup3-3.6.5-47.amzn2023.x86_64
    libsoup3-debugsource-3.6.5-47.amzn2023.x86_64