Medium5.5Red Hat Linux Updated
memory corruption in cache_digest reply handling
CVE-2026-50012 Published Jun 23, 2026Updated by vendor Jun 23, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
memory corruption in cache_digest reply handling. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-122.
Mitigation checklist
Recommended fix / mitigation
- To mitigate this vulnerability, restrict or disable cache digest processing for cache peers by adding the appropriate settings to the squid.conf configuration file: Disable cache digests for any cache_peer not under direct control by adding the no-digest option. This completely removes the vulnerability for those peers at the cost of increased bandwidth. Use of HTCP or ICP as alternative protocols can reduce that cost. ~~~ # Example of disabling digests for an untrusted peer. cache_peer untrusted.server.example.com parent 3128 3130 no-digest ~~~ Audit the Squid configuration and ensure that all configured cache_peer entries are under direct control and are trusted. Restricting cache peering exclusively to trusted domains greatly reduces the risk of exploitation. ~~~ # Example of a fully trusted peer without the no-digest flag. cache_peer trusted.internal.example.com parent 3128 3130 ~~~
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.