Description
A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream termination conditions, such as when an HTTP/2 connection encounters window exhaustion or explicit stream resets. A remote, unauthenticated attacker acting as a malicious network peer can trick the connection engine into allocating stream states that are subsequently leaked during cleanup. Over a sustained period, this flaw allows the remote attacker to consume the system's heap allocations incrementally, triggering a denial of service (DoS) through an ultimate Out-of-Memory (OOM) application crash.
No analysis available yet.
Remediation
Vendor Workaround
Users should avoid connecting to untrusted HTTP/2 servers. Implementing network egress filtering to restrict outbound connections to only trusted destinations can reduce exposure to this vulnerability.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream termination conditions, such as when an HTTP/2 connection encounters window exhaustion or explicit stream resets. A remote, unauthenticated attacker acting as a malicious network peer can trick the connection engine into allocating stream states that are subsequently leaked during cleanup. Over a sustained period, this flaw allows the remote attacker to consume the system's heap allocations incrementally, triggering a denial of service (DoS) through an ultimate Out-of-Memory (OOM) application crash. | |
| Title | Libsoup: soupcache: libsoup: http/2 frame window exhaustion remote denial of service via memory leak | |
| First Time appeared |
Redhat
Redhat enterprise Linux |
|
| Weaknesses | CWE-772 | |
| CPEs | cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-14T19:50:58.590Z
Reserved: 2026-07-14T10:14:16.964Z
Link: CVE-2026-15713
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-772
Missing Release of Resource after Effective Lifetime