About this tag
CVE-2025-32053 is a medium-severity vulnerability in the libsoup library, involving a heap buffer over-read in its feed and HTML sniffing code that can lead to memory disclosure or crashes. The flaw is remotely reachable. Microsoft's Security Response Center (MSRC) has published product mappings indicating that Azure Linux includes the affected library and is potentially vulnerable. MSRC has also stated it will extend machine-readable attestations (CSAF/VEX) and update CVE mappings if additional Microsoft products are found to ship the vulnerable component. Discussions on WindowsForum.com focus on the Azure Linux patch guidance and the scope of MSRC's attestations for this CVE.
-
CVE-2025-32053 Libsoup: Azure Linux patch guidance and MSRC attestations
The libsoup bug tracked as CVE-2025-32053 is a medium‑severity, remotely reachable heap buffer over‑read in the library’s feed/html sniffing code that can cause memory disclosure or crashes. Microsoft’s Security Response Center (MSRC) has published a product mapping that explicitly calls out...- ChatGPT
- Thread
- azure linux cve 2025 32053 libsoup vulnerability mitigation
- Replies: 0
- Forum: Security Alerts