UBUNTU-CVE-2026-23918 | Mondoo Vulnerability Intelligence

UBUNTU-CVE-2026-23918

HIGH8.0

http2: double free and possible RCE on early reset

Published May 5, 2026

Modified 3 days ago

Details

http2: double free and possible RCE on early reset

Affected Packages

apache2

Ubuntu 22.04 LTS

Affected versions:

2.4.48-3.1ubuntu32.4.48-3.1ubuntu42.4.51-2ubuntu12.4.52-1ubuntu12.4.52-1ubuntu22.4.52-1ubuntu42.4.52-1ubuntu4.12.4.52-1ubuntu4.102.4.52-1ubuntu4.112.4.52-1ubuntu4.12+14 more

apache2

Ubuntu 24.04 LTS

Affected versions:

2.4.57-2ubuntu22.4.57-2ubuntu32.4.58-1ubuntu12.4.58-1ubuntu22.4.58-1ubuntu62.4.58-1ubuntu72.4.58-1ubuntu82.4.58-1ubuntu8.12.4.58-1ubuntu8.102.4.58-1ubuntu8.11+7 more

apache2

Ubuntu 25.10

Affected versions:

2.4.63-1ubuntu12.4.63-1ubuntu32.4.64-1ubuntu22.4.64-1ubuntu32.4.64-1ubuntu3.22.4.64-1ubuntu3.3

apache2

Ubuntu 26.04

Affected versions:

2.4.64-1ubuntu32.4.65-3ubuntu12.4.66-2ubuntu12.4.66-2ubuntu2

apache2

Ubuntu Pro 14.04 LTS

Affected versions:

2.4.6-2ubuntu22.4.6-2ubuntu32.4.6-2ubuntu42.4.7-1ubuntu12.4.7-1ubuntu22.4.7-1ubuntu32.4.7-1ubuntu42.4.7-1ubuntu4.12.4.7-1ubuntu4.102.4.7-1ubuntu4.11+24 more

apache2

Ubuntu Pro 16.04 LTS

Affected versions:

2.4.12-2ubuntu22.4.17-1ubuntu12.4.17-2ubuntu12.4.17-3ubuntu12.4.18-1ubuntu12.4.18-2ubuntu12.4.18-2ubuntu22.4.18-2ubuntu32.4.18-2ubuntu3.12.4.18-2ubuntu3.10+27 more

apache2

Ubuntu Pro 18.04 LTS

Affected versions:

2.4.27-2ubuntu32.4.29-1ubuntu12.4.29-1ubuntu22.4.29-1ubuntu32.4.29-1ubuntu42.4.29-1ubuntu4.12.4.29-1ubuntu4.102.4.29-1ubuntu4.112.4.29-1ubuntu4.122.4.29-1ubuntu4.13+25 more

apache2

Ubuntu Pro 20.04 LTS

Affected versions:

2.4.41-1ubuntu12.4.41-4ubuntu12.4.41-4ubuntu22.4.41-4ubuntu32.4.41-4ubuntu3.12.4.41-4ubuntu3.102.4.41-4ubuntu3.112.4.41-4ubuntu3.122.4.41-4ubuntu3.132.4.41-4ubuntu3.14+15 more

References

REPORT

https://ubuntu.com/security/CVE-2026-23918

REPORT

https://www.cve.org/CVERecord?id=CVE-2026-23918

Upstream

CVE-2026-23918

Ecosystems(8)

Ubuntu 22.04 LTS Ubuntu 24.04 LTS Ubuntu 25.10 Ubuntu 26.04 Ubuntu Pro 14.04 LTS

Timeline

PublishedMay 5, 2026

ModifiedMay 5, 2026