Описание
glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not compiled |
| esm-infra/bionic | not-affected | code not compiled |
| esm-infra/focal | not-affected | code not compiled |
| esm-infra/xenial | not-affected | code not compiled |
| jammy | not-affected | code not compiled |
| noble | not-affected | code not compiled |
| plucky | not-affected | code not compiled |
| upstream | needs-triage |
Показывать по
EPSS
3.7 Low
CVSS3
Связанные уязвимости
glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location.
Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based()
glib-networking's OpenSSL backend fails to properly check the return v ...
glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location.
Уязвимость функцим g_tls_bio_new_from_iostream() и g_tls_bio_new_from_datagram_based() библиотеки OpenSSL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
3.7 Low
CVSS3