CVE-2025-60018

Опубликовано: 25 сент. 2025

Источник: debian

Описание

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

Пакет	Статус	Версия исправления	Релиз	Тип
glib-networking	unfixed			package

https://gitlab.gnome.org/GNOME/glib-networking/-/issues/226
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/262
Fixed by: https://gitlab.gnome.org/GNOME/glib-networking/-/commit/4dd540505d40babe488404f3174ec39f49a84485
OpenSSL backend disabled by default upstream and in Debian

CVE-2025-60018

CVSS3: 4.8

ubuntu

около 1 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

CVE-2025-60018

CVSS3: 4.8

nvd

около 1 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

CVE-2025-60018

msrc

около 1 месяца назад

Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()"

GHSA-3jwx-4xp9-65px

CVSS3: 4.8

github

около 1 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.