CVE Details
Basic Information
| Title | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring |
|---|---|
| Type | cve |
| Published | 2025-06-13T15:40:38.541Z |
| Last Seen |
Product Information
| Vendor | Red Hat |
|---|---|
| Product | Red Hat Enterprise Linux 10 |
| Version |
CVSS Information
| Base Score | 3.7 (LOW) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A memory management flaw in GLib’s GString can lead to an integer overflow when appending data to very large strings, potentially causing buffer overflows, crashes, or memory corruption. |
|---|---|
| AI Severity | Medium |
| Vendor | GNOME |
| Product | GLib |
| Affected Version |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-190 |
| Bulletin Family |
References
Description
A flaw was found in how GLibโs GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesnโt. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.