Описание
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| glib2.0 | fixed | 2.86.3-1 | package | |
| glib2.0 | fixed | 2.84.4-3~deb13u2 | trixie | package |
| glib2.0 | fixed | 2.74.6-2+deb12u8 | bookworm | package |
Примечания
https://gitlab.gnome.org/GNOME/glib/-/issues/3834
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4934
Fixed by: https://gitlab.gnome.org/GNOME/glib/-/commit/3e72fe0fbb32c18a66486c4da8bc851f656af287 (2.86.3)
Fixed by: https://gitlab.gnome.org/GNOME/glib/-/commit/6fe481cec709ec65b5846113848723bc25a8782a (2.86.3)
Fixed by: https://gitlab.gnome.org/GNOME/glib/-/commit/dd333a40aa95819720a01caf6de564cd8a4a6310 (2.86.3)
EPSS
Связанные уязвимости
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
Glib: glib: buffer underflow in gvariant parser leads to heap corruption
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
EPSS