CVE-2026-0716
Out-of-Bounds Read in Libsoup WebSocket Frame Processing
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: Red Hat, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gnome | libsoup | From 0 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-805 | The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds read in libsoup's WebSocket frame processing. It is reachable only in a non-default configuration in which max_incoming_payload_size is set to 0, i.e. left unset so that no payload limit applies. In that configuration the length check applied to incoming WebSocket frames is incorrect (CWE-805), so a crafted frame can make the library read past the end of the allocated receive buffer. The result is exposure of adjacent memory contents or a crash of the application that uses libsoup. [1]
How can this vulnerability impact me?
If exploited, the flaw can disclose memory contents of the process using libsoup, potentially including sensitive data, or crash that process, causing a denial of service. Exploitation requires a remote attacker who can deliver crafted WebSocket frames to the application, and the application must have max_incoming_payload_size set to 0; with the default, non-zero limit the flaw is not reachable. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection means determining whether any application on the system uses libsoup with max_incoming_payload_size set to 0 (the non-default value): review application source, configuration, or logs for that setting. Monitoring network traffic for malformed WebSocket frames, for example frames whose declared payload length is inconsistent with the data actually sent, may reveal exploitation attempts. The resources do not provide specific commands. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation is to make sure max_incoming_payload_size is not 0 in any libsoup configuration: leave it at its non-zero default or set an explicit non-zero limit. Update libsoup to a version that contains the fix for this vulnerability. Restricting or monitoring incoming WebSocket traffic from untrusted sources reduces exposure until the update is applied. [1]
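The failure mode described in the answers above (a length check that depends on the "0 = unlimited" setting) and the mitigation (keep an independent bound), as an added illustration. This is not libsoup's code and does not reproduce the actual mechanics of CVE-2026-0716; it is a hypothetical minimal RFC 6455 frame parser in C in which a `max_payload` of 0 means "no limit". The vulnerable variant only validates the declared length when a limit is set, so the unlimited path hands the caller a payload length larger than the bytes received. The fixed variant separates the application limit from the check against the bytes actually in the buffer, so 0 disables the former but never the latter. The sample frames are constructed inline for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum {
    FRAME_OK,         /* header complete; what this guarantees differs per parser */
    FRAME_NEED_MORE,  /* bytes still missing; caller must not touch the payload yet */
    FRAME_TOO_LARGE,  /* declared payload exceeds the configured application limit */
    FRAME_MALFORMED   /* invalid header encoding */
} frame_status;

typedef struct {
    int fin, masked;
    uint8_t opcode;
    uint8_t mask[4];
    size_t header_len;        /* bytes consumed by the header */
    uint64_t payload_len;     /* payload length as declared by the peer */
    const uint8_t *payload;   /* start of payload inside the caller's buffer */
} ws_frame;

/* Decode the 2-byte header, extended length and masking key. Guarantees only
 * that the header lies within buf[0..avail); the payload is not checked here. */
static frame_status parse_header(const uint8_t *buf, size_t avail, ws_frame *f)
{
    if (avail < 2) return FRAME_NEED_MORE;
    f->fin = (buf[0] & 0x80) != 0;
    f->opcode = buf[0] & 0x0f;
    f->masked = (buf[1] & 0x80) != 0;
    uint8_t len7 = buf[1] & 0x7f;
    size_t pos = 2;
    if (len7 < 126) {
        f->payload_len = len7;
    } else if (len7 == 126) {
        if (avail < pos + 2) return FRAME_NEED_MORE;
        f->payload_len = ((uint64_t)buf[pos] << 8) | buf[pos + 1];
        pos += 2;
    } else {
        if (avail < pos + 8) return FRAME_NEED_MORE;
        f->payload_len = 0;
        for (int i = 0; i < 8; i++)
            f->payload_len = (f->payload_len << 8) | buf[pos + i];
        if (f->payload_len >> 63) return FRAME_MALFORMED; /* RFC 6455: MSB must be 0 */
        pos += 8;
    }
    if (f->masked) {
        if (avail < pos + 4) return FRAME_NEED_MORE;
        memcpy(f->mask, buf + pos, 4);
        pos += 4;
    }
    f->header_len = pos;
    f->payload = buf + pos;
    return FRAME_OK;
}

/* VULNERABLE (hypothetical CWE-805 model, not libsoup's code): with a non-zero
 * limit the frame is checked against both the limit and the bytes received, but
 * max_payload == 0 ("unlimited") takes a path with no check at all, so a frame
 * declaring more bytes than arrived is reported complete and the caller reads
 * payload_len bytes past the end of buf. */
frame_status ws_frame_parse_vuln(const uint8_t *buf, size_t avail,
                                 uint64_t max_payload, ws_frame *f)
{
    frame_status st = parse_header(buf, avail, f);
    if (st != FRAME_OK) return st;
    if (max_payload != 0) {
        if (f->payload_len > max_payload) return FRAME_TOO_LARGE;
        if (f->payload_len > avail - f->header_len) return FRAME_NEED_MORE;
    }
    return FRAME_OK;
}

/* FIXED: the application limit (0 = none) and the memory bound are separate
 * checks, and the memory bound is enforced regardless of the limit setting. */
frame_status ws_frame_parse_fixed(const uint8_t *buf, size_t avail,
                                  uint64_t max_payload, ws_frame *f)
{
    frame_status st = parse_header(buf, avail, f);
    if (st != FRAME_OK) return st;
    if (max_payload != 0 && f->payload_len > max_payload) return FRAME_TOO_LARGE;
    if (f->payload_len > avail - f->header_len) return FRAME_NEED_MORE;
    return FRAME_OK;
}

/* Constructed samples. kTruncatedFrame is a masked text frame whose 16-bit
 * extended length declares 1000 bytes while only 5 payload bytes follow. */
static const uint8_t kTruncatedFrame[] = {
    0x81, 0xFE, 0x03, 0xE8,                 /* FIN|text, MASK|126, len = 1000 */
    0x11, 0x22, 0x33, 0x44,                 /* masking key */
    'h' ^ 0x11, 'e' ^ 0x22, 'l' ^ 0x33, 'l' ^ 0x44, 'o' ^ 0x11
};
static const size_t kTruncatedLen = sizeof kTruncatedFrame;
static const uint8_t kCompleteFrame[] = { 0x81, 0x05, 'h', 'e', 'l', 'l', 'o' };
static const size_t kCompleteLen = sizeof kCompleteFrame;

int main(void)
{
    ws_frame f;
    frame_status a = ws_frame_parse_vuln(kTruncatedFrame, kTruncatedLen, 0, &f);
    printf("vulnerable parser, limit 0: status %d, would read %llu of %zu available bytes\n",
           a, (unsigned long long)f.payload_len, kTruncatedLen - f.header_len);
    frame_status b = ws_frame_parse_fixed(kTruncatedFrame, kTruncatedLen, 0, &f);
    printf("fixed parser, limit 0: status %d (1 = need more data)\n", b);
    return 0;
}
```

Compiles with any C99 compiler. The program shows the vulnerable parser accepting the truncated frame when the limit is 0 and reporting a 1000-byte payload of which only 5 bytes exist in the buffer, while the fixed parser asks for more data. For real libsoup deployments the advice in the answer above stands: keep max_incoming_payload_size non-zero until a fixed build is installed.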