9.8

CVE-2025-14087

Glib: glib: buffer underflow in gvariant parser leads to heap corruption

A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGlib Version < 2.86.3
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.77% 0.512
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com 5.6 2.2 3.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://access.redhat.com/security/cve/CVE-2025-14087
Third Party Advisory
Mitigation
https://bugzilla.redhat.com/show_bug.cgi?id=2419093
Third Party Advisory
Issue Tracking
https://gitlab.gnome.org/GNOME/glib/-/issues/3834
https://access.redhat.com/errata/RHSA-2026:7461
https://access.redhat.com/errata/RHSA-2026:15971
https://access.redhat.com/errata/RHSA-2026:15953
https://access.redhat.com/errata/RHSA-2026:15969
https://access.redhat.com/errata/RHSA-2026:19148
https://access.redhat.com/errata/RHSA-2026:19361
https://access.redhat.com/errata/RHSA-2026:19452
https://access.redhat.com/errata/RHSA-2026:19459
https://access.redhat.com/errata/RHSA-2026:19460
https://access.redhat.com/errata/RHSA-2026:19457
https://access.redhat.com/errata/RHSA-2026:19523
https://access.redhat.com/errata/RHSA-2026:19524
https://access.redhat.com/errata/RHSA-2026:19565
https://access.redhat.com/errata/RHSA-2026:19566
https://access.redhat.com/errata/RHSA-2026:19567
https://access.redhat.com/errata/RHSA-2026:21275
https://access.redhat.com/errata/RHSA-2026:22634
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:29197