CVE-2025-6052

Опубликовано: 13 июн. 2025

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS3: 3.7

Описание

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

Релиз	Статус	Примечание
devel	not-affected	2.84.3-1
esm-infra-legacy/trusty	not-affected
esm-infra/bionic	not-affected
esm-infra/focal	not-affected
esm-infra/xenial	not-affected
jammy	not-affected	2.72.4-0ubuntu2.5
noble	needed
oracular	ignored	end of life, was needed
plucky	needed
upstream	released	2.84.3-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 17%

0.00056

Низкий

3.7 Low

CVSS3

Связанные уязвимости

CVE-2025-6052

CVSS3: 3.7

redhat

около 2 месяцев назад

CVE-2025-6052

CVSS3: 3.7

nvd

около 2 месяцев назад

CVE-2025-6052

CVSS3: 3.7

debian

около 2 месяцев назад

A flaw was found in how GLib\u2019s GString manages memory when adding ...

GHSA-99rj-3595-5frj

CVSS3: 3.7

github

около 2 месяцев назад

SUSE-SU-2025:02167-1

suse-cvrf

около 1 месяца назад

Security update for glib2

EPSS

Процентиль: 17%

0.00056

Низкий

3.7 Low

CVSS3

CVE-2025-6052

Описание

Пакет glib2.0

Ссылки на источники

Связанные уязвимости