CVE-2026-8925

Discovered by AISLEPUBLISHEDCWE-415 Double Free

Description

The curl logic that works with SASL authentication could end up cleaning up the GSASL context *twice* without clearing the pointer in between, making it `free()` the same pointer twice.

Affected Products

VendorProductVersionStatus
curlcurl8.20.0affected
curlcurl8.19.0
curlcurl8.18.0
curlcurl8.17.0
curlcurl8.16.0
curlcurl8.15.0

Credits

  • Joshua Rogers (Aisle Research)(finder)
  • Viktor Szakats(remediation developer)

References