Primary

Context

libsoup SoupServer Use-After-Free Vulnerability Leading to Denial-of-Service

Vulnerability

A use-after-free vulnerability has been identified in libsoup's SoupServer component. This flaw allows remote attackers to cause a denial-of-service by exploiting the premature freeing of connection objects during a TLS handshake. When the handshake is completed after the connection object has been released, it creates a dangling pointer that, when accessed, leads to a server crash.

Impact

Exploitation of this vulnerability causes the server to crash, creating a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by initiating a TLS handshake with a SoupServer connection. While the handshake is still pending, the 'soup_server_disconnect()' function is called, which prematurely frees the connection object. If the handshake then completes, the callback attempts to access the now-freed object, resulting in a crash.

Added: Mar 26, 2026, 8:33 PM

Updated: Mar 26, 2026, 8:33 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

4.7

threat

6.4

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

4.7

threat

6.4

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libsoup SoupServer Use-After-Free Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

GNOME libsoup

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating