Описание
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.85.2-2 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | needs-triage | |
| esm-infra/xenial | needs-triage | |
| jammy | released | 2.72.4-0ubuntu2.7 |
| noble | released | 2.80.0-6ubuntu3.6 |
| plucky | released | 2.84.1-1ubuntu0.2 |
| questing | not-affected | 2.85.2-2 |
| upstream | released | 2.84.4-1 |
Показывать по
3.7 Low
CVSS3
Связанные уязвимости
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()
A flaw was found in glib. An integer overflow during temporary file cr ...
3.7 Low
CVSS3