CVE-2025-32049

Updated: 2025-08-20 00:43:48.260998

Description:

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0.0
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU libsoup 2.72.0 7.5 HIGH Released CLSA-2026:1768925986 2026-01-20 19:05:53
AlmaLinux 9.2 ESU kernel 5.14.0 7.5 HIGH Not Vulnerable 2025-09-11 21:46:52
CentOS 7 ELS kernel 3.10.0 7.5 HIGH Not Vulnerable 2025-11-19 17:04:59 Not vulnerable: CVE-2025-32049 affects libsoup’s SoupWebsocketConnection (user‑space WebSocket h...
CentOS 7 ELS libsoup 2.62.2 7.5 HIGH Released CLSA-2025:1762792127 2025-11-21 21:27:47 Not vulnerable: CVE-2025-32049 affects libsoup’s SoupWebsocketConnection (user‑space WebSocket h...
CentOS 8.4 ELS kernel 4.18.0 7.5 HIGH Not Vulnerable 2025-09-11 21:46:53 Not affected: CVE-2025-32049 targets libsoup’s user‑space SoupWebsocketConnection handling of ov...
CentOS 8.5 ELS kernel 4.18.0 7.5 HIGH Not Vulnerable 2025-09-11 21:46:53 Not affected: CVE-2025-32049 targets libsoup’s user‑space SoupWebsocketConnection handling of ov...
CentOS Stream 8 ELS kernel 4.18.0 7.5 HIGH Not Vulnerable 2025-09-11 21:46:52 Not affected: CVE-2025-32049 targets libsoup’s user‑space SoupWebsocketConnection handling of ov...
CloudLinux 7 ELS kernel 3.10.0 7.5 HIGH Not Vulnerable 2025-12-03 19:31:39 Not vulnerable: CVE-2025-32049 affects libsoup’s SoupWebsocketConnection (user‑space WebSocket h...
Oracle Linux 7 ELS kernel 3.10.0 7.5 HIGH Needs Triage 2026-02-28 01:58:54
Oracle Linux 7 ELS libsoup 2.62.2 7.5 HIGH Already Fixed 2025-11-12 22:48:27
Total: 13