{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-4271","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2026-03-16T14:43:58.712Z","datePublished":"2026-03-17T11:14:21.284Z","dateUpdated":"2026-05-14T10:04:43.896Z"},"containers":{"cna":{"title":"Libsoup: libsoup: denial of service via use-after-free in http/2 server","metrics":[{"other":{"content":{"value":"Moderate","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS)."}],"affected":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","defaultStatus":"affected","versions":[{"version":"0:3.6.5-3.el10_1.11","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux:10.1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","defaultStatus":"affected","versions":[{"version":"0:3.6.5-3.el10_0.15","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:15968","name":"RHSA-2026:15968","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:17482","name":"RHSA-2026:17482","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-4271","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448044","name":"RHBZ#2448044","tags":["issue-tracking","x_refsource_REDHAT"]},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/496"}],"datePublic":"2026-03-16T00:00:00.000Z","problemTypes":[{"descriptions":[{"cweId":"CWE-416","description":"Use After Free","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-416: Use After Free","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"timeline":[{"lang":"en","time":"2026-03-16T14:41:21.942Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-03-16T00:00:00.000Z","value":"Made public."}],"credits":[{"lang":"en","value":"Red Hat would like to thank fouzhe for reporting this issue."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2026-05-14T10:04:43.896Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"references":[{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/496","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-17T13:04:24.452812Z","id":"CVE-2026-4271","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-17T13:04:28.101Z"}}]}}