Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2026:0018-1

Опубликовано: 05 янв. 2026
Источник: suse-cvrf

Описание

Security update for glib2

This update for glib2 fixes the following issues:

  • CVE-2025-14512: integer overflow in the GIO escape_byte_string() function when processing malicious files or remote filesystem attribute values can lead to denial-of-service (bsc#1254878).
  • CVE-2025-14087: buffer underflow in the GVariant parser bytestring_parse() and string_parse()functions when processing attacker-influenced data may lead to crash or code execution (bsc#1254662).
  • CVE-2025-13601: heap-based buffer overflow in the g_escape_uri_string() function when processing strings with a large number of unacceptable characters may lead to crash or code execution (bsc#1254297).

Список пакетов

Container bci/bci-init:latest
libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/gcc:latest
libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/rust:latest
libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/spack:latest
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
Container suse/kiosk/firefox-esr:latest
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
libgthread-2_0-0-2.78.6-150600.4.25.1
Container suse/kiosk/pulseaudio:latest
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
Container suse/kiosk/xorg:latest
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
Container suse/pcp:latest
libglib-2_0-0-2.78.6-150600.4.25.1
Container suse/sle15:latest
libglib-2_0-0-2.78.6-150600.4.25.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
glib2-devel-2.78.6-150600.4.25.1
glib2-lang-2.78.6-150600.4.25.1
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libgio-2_0-0-32bit-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-32bit-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-32bit-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-32bit-2.78.6-150600.4.25.1
libgthread-2_0-0-2.78.6-150600.4.25.1
SUSE Linux Enterprise Server 15 SP6-LTSS
glib2-devel-2.78.6-150600.4.25.1
glib2-lang-2.78.6-150600.4.25.1
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libgio-2_0-0-32bit-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-32bit-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-32bit-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-32bit-2.78.6-150600.4.25.1
libgthread-2_0-0-2.78.6-150600.4.25.1
SUSE Linux Enterprise Server for SAP Applications 15 SP6
glib2-devel-2.78.6-150600.4.25.1
glib2-lang-2.78.6-150600.4.25.1
glib2-tools-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libgio-2_0-0-32bit-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-32bit-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-32bit-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-32bit-2.78.6-150600.4.25.1
libgthread-2_0-0-2.78.6-150600.4.25.1
openSUSE Leap 15.6
gio-branding-upstream-2.78.6-150600.4.25.1
glib2-devel-2.78.6-150600.4.25.1
glib2-devel-32bit-2.78.6-150600.4.25.1
glib2-devel-static-2.78.6-150600.4.25.1
glib2-doc-2.78.6-150600.4.25.1
glib2-lang-2.78.6-150600.4.25.1
glib2-tests-devel-2.78.6-150600.4.25.1
glib2-tools-2.78.6-150600.4.25.1
glib2-tools-32bit-2.78.6-150600.4.25.1
libgio-2_0-0-2.78.6-150600.4.25.1
libgio-2_0-0-32bit-2.78.6-150600.4.25.1
libglib-2_0-0-2.78.6-150600.4.25.1
libglib-2_0-0-32bit-2.78.6-150600.4.25.1
libgmodule-2_0-0-2.78.6-150600.4.25.1
libgmodule-2_0-0-32bit-2.78.6-150600.4.25.1
libgobject-2_0-0-2.78.6-150600.4.25.1
libgobject-2_0-0-32bit-2.78.6-150600.4.25.1
libgthread-2_0-0-2.78.6-150600.4.25.1
libgthread-2_0-0-32bit-2.78.6-150600.4.25.1

Ссылки

Описание

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Затронутые продукты
Container bci/bci-init:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/gcc:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/rust:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/spack:latest:glib2-tools-2.78.6-150600.4.25.1
Ссылки

Описание

A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.

Затронутые продукты
Container bci/bci-init:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/gcc:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/rust:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/spack:latest:glib2-tools-2.78.6-150600.4.25.1
Ссылки

Описание

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.

Затронутые продукты
Container bci/bci-init:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/gcc:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/rust:latest:libglib-2_0-0-2.78.6-150600.4.25.1
Container bci/spack:latest:glib2-tools-2.78.6-150600.4.25.1
Ссылки