CVE 7.5 HIGH

Glib: integer underflow in gio/gdbusintrospection.c via “g_dbus_node_info_new_for_xml”_CVE-2026-58016

7.5 / 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within other elements like <method>, <signal>, <property> or <arg>. This issue can cause an unsigned integer overflow and lead to an out-of-bounds read, resulting in a denial of service.

Basic Information

ID CVE-2026-58016
Source redhat
Published Jun 30, 2026 at 13:02

Affected Product

Vendor Red Hat
Product Red Hat Enterprise Linux 10

CWE Classification

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.