Cyber Resilience

CVE-2025-2784

Severity: High · Public PoC

Published: 03 April 2025
Modified: 18 November 2025
KEV Added: none (not in CISA KEV)
Patch: none listed
CVSS Score (v3.1): 7.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)
EPSS Score: 0.0045 (64.0th percentile)
Risk Priority: 14 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-2784 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in libsoup as shipped with Red Hat Enterprise Linux Server AUS. Its CVSS v3.1 base score is 7.0 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Credential Access (T1212). The CVE ranks in the top 36.0% of CVEs by exploit likelihood (EPSS), is not currently listed in the CISA KEV catalog, and has a publicly referenced proof-of-concept.

EU & UK References

Vulnerability details

A flaw was found in libsoup: the package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. A libsoup client processing a crafted HTTP response from a malicious HTTP server may read one byte out of bounds.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques [AI-mapped]

T1212 Exploitation for Credential Access (tactic: Credential Access)
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Vulnerabilities in libsoup enable exploitation for credential access via improper redirect handling that leaks Authorization headers (T1212), and denial of service through application crashes caused by out-of-bounds reads, NULL pointer dereferences, and HTTP/2 handling issues (T1499.004).

Affected Assets

Vendor   Product                                               Version(s)
gnome    libsoup                                               ≤ 3.6.5
redhat   codeready linux builder                               10.0
redhat   codeready linux builder for arm64                     10.0_aarch64
redhat   codeready linux builder for arm64 eus                 10.0_aarch64
redhat   codeready linux builder for ibm z systems             10.0_s390x
redhat   codeready linux builder for ibm z systems eus         10.0_s390x
redhat   codeready linux builder for power little endian       10.0_ppc64le
redhat   codeready linux builder for power little endian eus   10.0_ppc64le
redhat   enterprise linux                                      10.0, 8.0, 9.0
redhat   enterprise linux eus                                  10.0, 8.8, 9.2, 9.4, 9.6
+11 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls have been mapped yet; the per-CVE control annotator has not yet processed this CVE.

References