CLSA-2026-1778054005

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778054005

Upstream

CVE-2026-23918

Published

2026-05-06T12:06:20Z

Modified

2026-06-04T09:47:39.286736164Z

Summary

Fix CVE(s): CVE-2026-23918

Details

SECURITY UPDATE: double free and possible remote code execution via HTTP/2 stream double-purge in modhttp2
- debian/patches/CVE-2026-23918.patch: prevent double purge of a stream by introducing addforpurge() helper that checks for duplicates before adding to the purge queue in modules/http2/h2mplx.c
- CVE-2026-23918

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1778054005.html

Affected packages

TuxCare:Ubuntu:20.04

apache2

Package

Name: apache2
Purl: pkg:deb/tuxcare/apache2?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-bin

Package

Name: apache2-bin
Purl: pkg:deb/tuxcare/apache2-bin?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-data

Package

Name: apache2-data
Purl: pkg:deb/tuxcare/apache2-data?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-dev

Package

Name: apache2-dev
Purl: pkg:deb/tuxcare/apache2-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-doc

Package

Name: apache2-doc
Purl: pkg:deb/tuxcare/apache2-doc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-ssl-dev

Package

Name: apache2-ssl-dev
Purl: pkg:deb/tuxcare/apache2-ssl-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-suexec-custom

Package

Name: apache2-suexec-custom
Purl: pkg:deb/tuxcare/apache2-suexec-custom?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-suexec-pristine

Package

Name: apache2-suexec-pristine
Purl: pkg:deb/tuxcare/apache2-suexec-pristine?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

apache2-utils

Package

Name: apache2-utils
Purl: pkg:deb/tuxcare/apache2-utils?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

libapache2-mod-md

Package

Name: libapache2-mod-md
Purl: pkg:deb/tuxcare/libapache2-mod-md?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"

libapache2-mod-proxy-uwsgi

Package

Name: libapache2-mod-proxy-uwsgi
Purl: pkg:deb/tuxcare/libapache2-mod-proxy-uwsgi?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.41-4ubuntu3.23+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778054005.json"