The curl logic that works with SASL authentication could end up cleaning up the GSASL context *twice* without clearing the pointer in between, making it `free()` the same pointer twice.
History

Fri, 03 Jul 2026 06:45:00 +0000

Type Values Removed Values Added
Description The curl logic that works with SASL authentication could end up cleaning up the GSASL context *twice* without clearing the pointer in between, making it `free()` the same pointer twice.
Title SASL double-free
References

cve-icon MITRE

Status: PUBLISHED

Assigner: curl

Published:

Updated: 2026-07-03T06:15:25.448Z

Reserved: 2026-05-19T08:11:49.032Z

Link: CVE-2026-8925

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.