Skip to main content

Red Hat Enterprise Linux 10 CVE-2026-2436

| EUVD-2026-16342 MEDIUM
Expired Pointer Dereference (CWE-825)
2026-03-26 redhat GHSA-wpfw-5xvc-wq9w
Denial Of Service Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Ubuntu
MEDIUM
qualitative
SUSE
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 26, 2026 - 20:00 euvd
EUVD-2026-16342
Analysis Generated
Mar 26, 2026 - 20:00 vuln.today
CVE Published
Mar 26, 2026 - 19:31 nvd
MEDIUM 6.5

DescriptionCVE.org

A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the soup_server_disconnect() function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.

AnalysisAI

libsoup's SoupServer contains a use-after-free vulnerability in the soup_server_disconnect() function that prematurely frees connection objects while TLS handshakes are pending, allowing remote unauthenticated attackers to trigger a server crash via denial of service when a handshake completes after memory deallocation. The vulnerability affects Red Hat Enterprise Linux versions 6, 7, 8, 9, and 10, as well as Ubuntu and Debian distributions across multiple releases. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment The CVSS 3.1 score of 6.5 reflects moderate severity with a network attack vector (AV:N), high attack complexity (AC:H), no privilege requirements (PR:N), and no user interaction needed (UI:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sends multiple concurrent TLS connection requests to a libsoup-based server. When the server begins terminating one connection via soup_server_disconnect(), the function immediately frees the associated connection object without waiting for the TLS handshake to complete. …
Remediation Apply the vendor-released security update for libsoup when available from your distribution maintainer. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-11788 HIGH
7.5 Jun 09

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 throu
CVE-2026-48914 MEDIUM
6.7 Jun 12

Out-of-bounds heap write in QEMU's virtio-blk device allows a high-privileged guest to crash the host QEMU process. The

CVE-2026-11789 MEDIUM
6.5 Jun 09

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP servic
CVE-2026-11786 MEDIUM
6.5 Jun 09

Out-of-bounds read in 389 Directory Server's LDIF parser exposes limited heap memory to a highly privileged local attack
CVE-2026-11611 MEDIUM
6.5 Jun 08

Denial of service in Red Hat 389 Directory Server's Content Synchronization persistent search plugin enables authenticat

Vendor StatusVendor

Ubuntu

Priority: Medium
libsoup2.4
Release Status Version
xenial needs-triage -
bionic needs-triage -
focal needs-triage -
jammy needs-triage -
noble needs-triage -
questing needs-triage -
upstream needs-triage -
libsoup3
Release Status Version
jammy needs-triage -
noble needs-triage -
questing needs-triage -
upstream needs-triage -

Debian

Bug #1130498
libsoup2.4
Release Status Fixed Version Urgency
bullseye vulnerable 2.72.0-2 -
bullseye (security) vulnerable 2.72.0-2+deb11u3 -
bookworm vulnerable 2.74.3-1+deb12u1 -
trixie vulnerable 2.74.3-10.1 -
(unstable) fixed (unfixed) -
libsoup3
Release Status Fixed Version Urgency
bookworm vulnerable 3.2.3-0+deb12u2 -
trixie vulnerable 3.6.5-3 -
forky, sid vulnerable 3.6.6-1 -
(unstable) fixed (unfixed) -

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.2 Fixed

Share

CVE-2026-2436 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy