TencentOS Server 4: librsvg2 (TSSA-2025:0745)

🗓️ 20 Nov 2025 00:00:00Reported by TenableType

TencentOS Server 4 has GLib vulnerabilities; update to the fixed package addressing CVE-2025-6052, CVE-2025-4373, and CVE-2025-3360.

Reporter	Title	Published	Views	Family All 308
IBM Security Bulletins	Security Bulletin: Vulnerabilities in glib2 library (CVE-2024-52533, CVE-2025-4373) affect Power HMC.	9 Sep 202513:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak	16 Jan 202614:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	7 Aug 202508:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Services uses glib2 which is affected by CVE-2024-52533 and CVE-2025-4373	7 Aug 202506:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images	5 Sep 202519:04	–	ibm
IBM Security Bulletins	Security Bulletin: TSSC/IMC addresses multiple security vulnerabilities.	14 Nov 202510:42	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in multiple components affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products	26 Nov 202510:07	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.	26 May 202606:40	–	ibm
ATTACKERKB	CVE-2025-4373	6 May 202515:16	–	attackerkb
ATTACKERKB	CVE-2025-6052	13 Jun 202515:40	–	attackerkb

Source	Link
mirrors	www.mirrors.tencent.com/tlinux/errata/tssa-20250745.xml
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2025:0745.
##

include('compat.inc');

if (description)
{
  script_id(275987);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/20");

  script_cve_id("CVE-2025-3360", "CVE-2025-4373", "CVE-2025-6052");

  script_name(english:"TencentOS Server 4: librsvg2 (TSSA-2025:0745)");

  script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 4 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0745 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2025-6052:
    A flaw was found in how GLibs GString manages memory when adding data to strings. If a string is
    already very large, combining it with more input can cause a hidden overflow in the size calculation. This
    makes the system think it has enough memory when it doesnt. As a result, data may be written past the
    end of the allocated memory, leading to crashes or memory corruption.

    CVE-2025-4373:
    A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar()
    function. When the position at which to insert the character is large, the position will overflow, leading
    to a buffer underwrite.

    CVE-2025-3360:
    A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO
    8601 timestamp with the g_date_time_new_from_iso8601() function.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20250745.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-6052");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/09/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:librsvg2");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tencent Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 4.x', 'TencentOS ' + os_version);

if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'librsvg2-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-debuginfo-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-debuginfo-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-debugsource-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-debugsource-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-devel-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-devel-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-tools-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-tools-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-tools-debuginfo-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'librsvg2-tools-debuginfo-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rsvg-pixbuf-loader-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rsvg-pixbuf-loader-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rsvg-pixbuf-loader-debuginfo-2.56.90-8.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rsvg-pixbuf-loader-debuginfo-2.56.90-8.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'librsvg2 / librsvg2-debuginfo / librsvg2-debugsource / etc');
}

20 Nov 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.14.8 - 7.5

EPSS0.00742

SSVC