{}

{}

{}

{"acknowledgement": "Red Hat would like to thank Samuel Dainard for reporting this issue.", "bugzilla": {"description": "libsoup: libsoup: Buffer overread due to integer underflow when handling zero-length resources", "id": "2439091", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439091"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "status": "draft"}, "cwe": "CWE-191", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-2369", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "libsoup3", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-11T11:11:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-2369\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-2369"], "statement": "This MODERATE impact flaw in libsoup arises from an integer underflow when processing content with zero-length resources, leading to a buffer overread. This vulnerability could allow an attacker to potentially access sensitive information or cause an application-level denial of service. Red Hat Enterprise Linux and Fedora systems utilizing libsoup are affected when applications process such malformed content.", "threat_severity": "Moderate"}

{}