CVE-2026-2436

Description

A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.

References

• https://access.redhat.com/security/cve/CVE-2026-2436
• https://bugzilla.redhat.com/show_bug.cgi?id=2442909