CVE-2026-8925
Discovered by AISLEPUBLISHEDCWE-415 Double Free
Description
The curl logic that works with SASL authentication could end up cleaning up the GSASL context *twice* without clearing the pointer in between, making it `free()` the same pointer twice.
Affected Products
| Vendor | Product | Version | Status |
|---|---|---|---|
| curl | curl | 8.20.0 | affected |
| curl | curl | 8.19.0 | — |
| curl | curl | 8.18.0 | — |
| curl | curl | 8.17.0 | — |
| curl | curl | 8.16.0 | — |
| curl | curl | 8.15.0 | — |
Credits
- Joshua Rogers (Aisle Research)(finder)
- Viktor Szakats(remediation developer)