6.5

CVE-2025-14512

Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGlib Version < 2.86.3
RedhatOpenshift Version4.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0 SwEdition-
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.5% 0.39
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://access.redhat.com/security/cve/CVE-2025-14512
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2421339
Third Party Advisory
Issue Tracking
https://gitlab.gnome.org/GNOME/glib/-/issues/3845
https://access.redhat.com/errata/RHSA-2026:7461
https://access.redhat.com/errata/RHSA-2026:15971
https://access.redhat.com/errata/RHSA-2026:15953
https://access.redhat.com/errata/RHSA-2026:15969
https://access.redhat.com/errata/RHSA-2026:19148
https://access.redhat.com/errata/RHSA-2026:19361
https://access.redhat.com/errata/RHSA-2026:19452
https://access.redhat.com/errata/RHSA-2026:19459
https://access.redhat.com/errata/RHSA-2026:19460
https://access.redhat.com/errata/RHSA-2026:19457
https://access.redhat.com/errata/RHSA-2026:19523
https://access.redhat.com/errata/RHSA-2026:19524
https://access.redhat.com/errata/RHSA-2026:19565
https://access.redhat.com/errata/RHSA-2026:19567
https://access.redhat.com/errata/RHSA-2026:21275
https://access.redhat.com/errata/RHSA-2026:22634
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:29197