RLSA-2025:10855

Опубликовано: 03 окт. 2025

Источник: rocky

Оценка: Moderate

Описание

Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.

Security Fix(es):

glib: buffer overflow in set_connect_msg() (CVE-2024-52533)
glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar (CVE-2025-4373)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 10

Наименование	Архитектура	Релиз	RPM
glib2	x86_64	4.el10_0.6	glib2-2.80.4-4.el10_0.6.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-52533

CVE-2025-4373

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2325340
Red Hat - 2325340
https://bugzilla.redhat.com/show_bug.cgi?id=2364265
Red Hat - 2364265

Связанные уязвимости

ELSA-2025-11140

oracle-oval

4 месяца назад

ELSA-2025-11140: glib2 security update (MODERATE)

ELSA-2025-10855

oracle-oval

4 месяца назад

ELSA-2025-10855: glib2 security update (MODERATE)

RLSA-2025:11327

rocky

3 месяца назад

Moderate: glib2 security update

ELSA-2025-11327

oracle-oval

4 месяца назад

ELSA-2025-11327: glib2 security update (MODERATE)

CVE-2025-4373

CVSS3: 4.8

ubuntu

6 месяцев назад

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

exploitDog

RLSA-2025:10855

Описание

Затронутые продукты

Rocky Linux 10: обновленные пакеты

Связанные CVE

Ссылки на источники

Исправления

Связанные уязвимости