CNNVD-202510-3268 Information

CNNVD ID

CNNVD-202510-3268

Related CVE

CVE-2025-12105

• CNNVD Published: 2025-10-23

Description (Chinese)

libsoup是GNOME项目的一款GNOME的HTTP客户端/服务器库。 libsoup存在资源管理错误漏洞，该漏洞源于异步消息队列处理中缺少状态同步，可能导致释放后重用和拒绝服务攻击。

Description (English)

Libsoup is the HTTP client/server library of the GNOME project. Libsoup has a resource management error loophole, which stems from the lack of a state of synchronization in the walk-in news queue processing, which may lead to reuse and denial of service attacks after release.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

GNOME

Published

2025-10-23

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2405992 https://access.redhat.com/security/cve/CVE-2025-12105 https://vigilance.fr/vulnerability/libsoup-use-after-free-via-Asynchronous-Message-Queue-49084