The vulnerability of the Glib library, related to the restoration of unreliable data in memory, allows a hacker to cause a service failure.

The vulnerability of the Glib library relates to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the is_normal() function in the Glib library allows a attacker to cause a service failure.

The vulnerability of the isnormal function in the Glib library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the g_variant_byteswap() function in the Glib library, which allows a hacker to cause a service failure.

The vulnerability of the gvariantbyteswap function in the Glib library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...

CLSA-2023-1697741849 Fix of 5 CVEs

SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 debian/patches/fix-gtestbug-assertion.patch: Fix gtestbug assertion in...

CLSA-2023-1697740947 glib2: Fix of 5 CVEs

Enable internal tests - Skip several failed tests from the check - CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant...

CLSA-2023-1697740212 glib2: Fix of 5 CVEs

Enable internal tests - Skip several failed tests from the check - CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant...

CLSA-2023-1696352100 glib2: Fix of CVE-2021-27218

CVE-2021-27218: gbytearray: Do not accept too large byte arrays - Enable internal tests - Skip several failed tests from the check...

AZL-28778 CVE-2023-32636 affecting package glib for versions less than 2.71.0-4

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

DEBIAN-CVE-2023-32611

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service...

AZL-28774 CVE-2023-32611 affecting package glib for versions less than 2.71.0-4

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service...

glib2 资源管理错误漏洞

glib2 is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, main loop abstractions, and more. A resource management error vulnerability exists in glib2, which stems from a timeout due t...

glib2 资源管理错误漏洞

glib2 is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, main loop abstractions, and more. A security vulnerability exists in glib2, which stems from the fact that gvariantbyteswap m...

UBUNTU-CVE-2023-32636

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

PT-2023-9104 · Glib +6 · Glib +6

Name of the Vulnerable Software and Affected Versions: Glib affected versions not specified Description: The issue is related to uncontrolled resource consumption in the Glib library. It may allow an attacker to cause a denial of service. Recommendations: At the moment, there is no information...

PT-2023-9105 · Glib +4 · Glib +4

Name of the Vulnerable Software and Affected Versions: Glib affected versions not specified Description: The issue is related to a buffer overflow in dynamic memory, which could allow an attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a newer...

UBUNTU-CVE-2023-29499

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...

UBUNTU-CVE-2023-32665

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...

OESA-2023-1206 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: glib: DoS caused by malicious serialised...

SUSE CVE-2009-3289

The gfilecopy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link 777, which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory...

SUSE CVE-2018-16428

In GNOME GLib 2.56.1, gmarkupparsecontextendparse in gmarkup.c has a NULL pointer dereference...