Bug 2399627 (CVE-2025-11021) - CVE-2025-11021 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library
Summary: CVE-2025-11021 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup...
Keywords:
Status: NEW
Alias: CVE-2025-11021
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2399629 2399630 2399631 2399632 2399633 2399634
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-09-26 07:19 UTC by OSIDB Bzimport
Modified: 2025-11-25 05:09 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:20015 0 None None None 2025-11-10 11:55:54 UTC
Red Hat Product Errata RHSA-2025:18183 0 None None None 2025-10-15 20:31:53 UTC
Red Hat Product Errata RHSA-2025:19713 0 None None None 2025-11-04 16:46:36 UTC
Red Hat Product Errata RHSA-2025:19714 0 None None None 2025-11-04 15:24:05 UTC
Red Hat Product Errata RHSA-2025:20959 0 None None None 2025-11-11 15:00:28 UTC
Red Hat Product Errata RHSA-2025:21032 0 None None None 2025-11-11 19:48:14 UTC
Red Hat Product Errata RHSA-2025:21655 0 None None None 2025-11-18 05:42:53 UTC
Red Hat Product Errata RHSA-2025:21656 0 None None None 2025-11-18 05:50:09 UTC
Red Hat Product Errata RHSA-2025:21657 0 None None None 2025-11-18 05:58:55 UTC
Red Hat Product Errata RHSA-2025:21664 0 None None None 2025-11-18 08:49:02 UTC
Red Hat Product Errata RHSA-2025:21665 0 None None None 2025-11-18 09:01:31 UTC
Red Hat Product Errata RHSA-2025:21666 0 None None None 2025-11-18 09:04:53 UTC
Red Hat Product Errata RHSA-2025:21772 0 None None None 2025-11-19 17:33:14 UTC
Red Hat Product Errata RHSA-2025:22013 0 None None None 2025-11-25 05:09:43 UTC

Description OSIDB Bzimport 2025-09-26 07:19:27 UTC 
Out-of-Bounds Read vulnerability in the cookie date handling code of the libsoup HTTP library. The flaw is caused by improper bounds checking in the soup_date_time_to_string() function when formatting crafted cookie expiration dates. An attacker can exploit this by sending specially crafted HTTP cookies, potentially leading to unintended memory disclosure. In production builds, the impact is expected to be limited to incorrect output rather than consistent crashes.
Comment 1 errata-xmlrpc 2025-10-15 20:31:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:18183 https://access.redhat.com/errata/RHSA-2025:18183
Comment 2 errata-xmlrpc 2025-11-04 15:24:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:19714 https://access.redhat.com/errata/RHSA-2025:19714
Comment 3 errata-xmlrpc 2025-11-04 16:46:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:19713 https://access.redhat.com/errata/RHSA-2025:19713
Comment 4 errata-xmlrpc 2025-11-11 15:00:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:20959 https://access.redhat.com/errata/RHSA-2025:20959
Comment 5 errata-xmlrpc 2025-11-11 19:48:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:21032 https://access.redhat.com/errata/RHSA-2025:21032
Comment 6 errata-xmlrpc 2025-11-18 05:42:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:21655 https://access.redhat.com/errata/RHSA-2025:21655
Comment 7 errata-xmlrpc 2025-11-18 05:50:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:21656 https://access.redhat.com/errata/RHSA-2025:21656
Comment 8 errata-xmlrpc 2025-11-18 05:58:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:21657 https://access.redhat.com/errata/RHSA-2025:21657
Comment 9 errata-xmlrpc 2025-11-18 08:49:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:21664 https://access.redhat.com/errata/RHSA-2025:21664
Comment 10 errata-xmlrpc 2025-11-18 09:01:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

Via RHSA-2025:21665 https://access.redhat.com/errata/RHSA-2025:21665
Comment 11 errata-xmlrpc 2025-11-18 09:04:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:21666 https://access.redhat.com/errata/RHSA-2025:21666
Comment 12 errata-xmlrpc 2025-11-19 17:33:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:21772 https://access.redhat.com/errata/RHSA-2025:21772
Comment 13 errata-xmlrpc 2025-11-25 05:09:42 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:22013 https://access.redhat.com/errata/RHSA-2025:22013
Note You need to log in before you can comment on or make changes to this bug.