{}

{}

{}

{"bugzilla": {"description": "libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing", "id": "2427896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427896"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "status": "draft"}, "cwe": "CWE-805", "details": ["A flaw was found in libsoup\u2019s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup\u2019s WebSocket support with this configuration may be impacted."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, applications utilizing libsoup's WebSocket support should ensure that the `max_incoming_payload_size` is explicitly set to a non-zero value. This prevents the library from processing WebSocket frames with an unset or zero maximum payload size, which can lead to out-of-bounds reads. Consult application-specific documentation for configuring libsoup parameters."}, "name": "CVE-2026-0716", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "libsoup3", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-0716\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-0716\nhttps://gitlab.gnome.org/GNOME/libsoup/-/issues/476"], "statement": "This vulnerability is rated Moderate for Red Hat because it requires a non-default configuration where `max_incoming_payload_size` is explicitly set to 0 or unset in libsoup's WebSocket frame processing. In typical Red Hat deployments, this configuration is not enabled by default, limiting the exposure to memory disclosure or application instability.", "threat_severity": "Moderate"}

{}