Bug 2367175 (CVE-2025-4945)

Summary: CVE-2025-4945 libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2367176, 2367177, 2367178    
Bug Blocks:    

Description OSIDB Bzimport 2025-05-19 04:52:50 UTC 
Integer Overflow or Wraparound vulnerability in the cookie parsing logic of the libsoup HTTP client/server library. This issue potentially allows improper handling of cookie expiration dates due to an integer overflow when processing excessively large values. The vulnerability arises from insufficient validation in the conversion logic of cookie expiration timestamps, which can result in undefined behavior. This may enable an attacker to craft malicious cookies that never expire or behave unpredictably, impacting session management and security policies in applications relying on libsoup
Comment 1 errata-xmlrpc 2025-11-04 15:24:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:19714 https://access.redhat.com/errata/RHSA-2025:19714
Comment 2 errata-xmlrpc 2025-11-04 16:46:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:19713 https://access.redhat.com/errata/RHSA-2025:19713
Comment 3 errata-xmlrpc 2025-11-04 17:52:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:19720 https://access.redhat.com/errata/RHSA-2025:19720
Comment 4 errata-xmlrpc 2025-11-11 15:00:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:20959 https://access.redhat.com/errata/RHSA-2025:20959
Comment 5 errata-xmlrpc 2025-11-11 19:48:10 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:21032 https://access.redhat.com/errata/RHSA-2025:21032
Comment 6 errata-xmlrpc 2025-11-18 05:42:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:21655 https://access.redhat.com/errata/RHSA-2025:21655
Comment 7 errata-xmlrpc 2025-11-18 05:50:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:21656 https://access.redhat.com/errata/RHSA-2025:21656
Comment 8 errata-xmlrpc 2025-11-18 05:58:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:21657 https://access.redhat.com/errata/RHSA-2025:21657
Comment 9 errata-xmlrpc 2025-11-18 08:48:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:21664 https://access.redhat.com/errata/RHSA-2025:21664
Comment 10 errata-xmlrpc 2025-11-18 09:01:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

Via RHSA-2025:21665 https://access.redhat.com/errata/RHSA-2025:21665
Comment 11 errata-xmlrpc 2025-11-18 09:04:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:21666 https://access.redhat.com/errata/RHSA-2025:21666
Comment 12 errata-xmlrpc 2025-11-19 17:33:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:21772 https://access.redhat.com/errata/RHSA-2025:21772
Comment 13 errata-xmlrpc 2025-11-25 05:09:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:22013 https://access.redhat.com/errata/RHSA-2025:22013