The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading to malformed HTTP 206 responses and log flooding.
{
"binaries": [
{
"binary_name": "gir1.2-soup-2.4",
"binary_version": "2.74.2-3ubuntu0.7"
},
{
"binary_name": "libsoup-gnome2.4-1",
"binary_version": "2.74.2-3ubuntu0.7"
},
{
"binary_name": "libsoup2.4-1",
"binary_version": "2.74.2-3ubuntu0.7"
},
{
"binary_name": "libsoup2.4-common",
"binary_version": "2.74.2-3ubuntu0.7"
},
{
"binary_name": "libsoup2.4-tests",
"binary_version": "2.74.2-3ubuntu0.7"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-2.4",
"binary_version": "2.74.3-6ubuntu1.7"
},
{
"binary_name": "libsoup-2.4-1",
"binary_version": "2.74.3-6ubuntu1.7"
},
{
"binary_name": "libsoup-gnome-2.4-1",
"binary_version": "2.74.3-6ubuntu1.7"
},
{
"binary_name": "libsoup2.4-common",
"binary_version": "2.74.3-6ubuntu1.7"
},
{
"binary_name": "libsoup2.4-tests",
"binary_version": "2.74.3-6ubuntu1.7"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-3.0",
"binary_version": "3.4.4-5ubuntu0.7"
},
{
"binary_name": "libsoup-3.0-0",
"binary_version": "3.4.4-5ubuntu0.7"
},
{
"binary_name": "libsoup-3.0-common",
"binary_version": "3.4.4-5ubuntu0.7"
},
{
"binary_name": "libsoup-3.0-tests",
"binary_version": "3.4.4-5ubuntu0.7"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-2.4",
"binary_version": "2.74.3-10.1ubuntu4.1"
},
{
"binary_name": "libsoup-2.4-1",
"binary_version": "2.74.3-10.1ubuntu4.1"
},
{
"binary_name": "libsoup-gnome-2.4-1",
"binary_version": "2.74.3-10.1ubuntu4.1"
},
{
"binary_name": "libsoup2.4-common",
"binary_version": "2.74.3-10.1ubuntu4.1"
},
{
"binary_name": "libsoup2.4-tests",
"binary_version": "2.74.3-10.1ubuntu4.1"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-3.0",
"binary_version": "3.6.5-4ubuntu0.2"
},
{
"binary_name": "libsoup-3.0-0",
"binary_version": "3.6.5-4ubuntu0.2"
},
{
"binary_name": "libsoup-3.0-common",
"binary_version": "3.6.5-4ubuntu0.2"
},
{
"binary_name": "libsoup-3.0-tests",
"binary_version": "3.6.5-4ubuntu0.2"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-3.0",
"binary_version": "3.6.6-1"
},
{
"binary_name": "libsoup-3.0-0",
"binary_version": "3.6.6-1"
},
{
"binary_name": "libsoup-3.0-common",
"binary_version": "3.6.6-1"
},
{
"binary_name": "libsoup-3.0-tests",
"binary_version": "3.6.6-1"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-2.4",
"binary_version": "2.70.0-1ubuntu0.5+esm2"
},
{
"binary_name": "libsoup-gnome2.4-1",
"binary_version": "2.70.0-1ubuntu0.5+esm2"
},
{
"binary_name": "libsoup2.4-1",
"binary_version": "2.70.0-1ubuntu0.5+esm2"
},
{
"binary_name": "libsoup2.4-tests",
"binary_version": "2.70.0-1ubuntu0.5+esm2"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-3.0",
"binary_version": "3.0.7-0ubuntu1+esm7"
},
{
"binary_name": "libsoup-3.0-0",
"binary_version": "3.0.7-0ubuntu1+esm7"
},
{
"binary_name": "libsoup-3.0-common",
"binary_version": "3.0.7-0ubuntu1+esm7"
},
{
"binary_name": "libsoup-3.0-tests",
"binary_version": "3.0.7-0ubuntu1+esm7"
}
]
}{
"binaries": [
{
"binary_name": "gir1.2-soup-2.4",
"binary_version": "2.74.3-10.1ubuntu5+esm1"
},
{
"binary_name": "libsoup-2.4-1",
"binary_version": "2.74.3-10.1ubuntu5+esm1"
},
{
"binary_name": "libsoup-gnome-2.4-1",
"binary_version": "2.74.3-10.1ubuntu5+esm1"
},
{
"binary_name": "libsoup2.4-common",
"binary_version": "2.74.3-10.1ubuntu5+esm1"
},
{
"binary_name": "libsoup2.4-tests",
"binary_version": "2.74.3-10.1ubuntu5+esm1"
}
]
}