Heap Buffer Over-Read in libsoup's HTTP/2 Connection Tracking Framework
CVE-2026-15712

5.9MEDIUM

Key Information:

Vendor

Red Hat

Vendor
CVE Published:
14 July 2026

What is CVE-2026-15712?

A vulnerability in libsoup's HTTP/2 connection tracking framework allows a remote, unauthenticated attacker to exploit the improper handling of the 'Additional Debug Data' in a malformed GOAWAY frame. This oversight results from the parser's failure to conduct strict length-boundary verification before reading the data, which leads to a heap buffer over-read condition. Consequently, this may crash applications, causing denial of service (DoS), and potentially exposing sensitive memory fragments.

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank cavid for reporting this issue.
.