NTLM Authentication Flaw in Libsoup HTTP Library Impacting GNOME Applications
CVE-2026-0719
Key Information:
What is CVE-2026-0719?
A vulnerability has been discovered in the NTLM authentication handling within the libsoup HTTP library, which is utilized by GNOME and various other applications for network interactions. This flaw arises when the library processes overly long passwords, leading to an internal size calculation overflow due to the incorrect handling of signed integers. Consequently, this overflow may cause improper memory allocation on the stack, resulting in unsafe memory copying. Applications that rely on libsoup could experience unexpected crashes, thus creating a potential denial-of-service condition.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Red Hat Enterprise Linux 10 0:3.6.5-3.el10_1.9
Red Hat Enterprise Linux 10.0 Extended Update Support 0:3.6.5-3.el10_0.14
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 0:2.62.3-3.el8_8.8
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved