211 matches found
SUSE CVE-2009-3289
The gfilecopy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link 777, which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory...
SUSE CVE-2018-16428
In GNOME GLib 2.56.1, gmarkupparsecontextendparse in gmarkup.c has a NULL pointer dereference...
The vulnerability of the g_file_replace() function in the Glib library, which allows operation under a non-root account, enables an attacker to compromise data integrity.
The vulnerability of the gfilereplace function in the Glib library is related to the ability to operate under a user account without root privileges. Exploiting this vulnerability could allow an attacker to compromise data integrity...
UBUNTU-CVE-2021-3800
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
OESA-2021-1164 glib2 security update
GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: An issue was discovered in GNOME GLib...
AZL-6439 CVE-2021-28153 affecting package glib for versions less than 2.60.1-5
An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is...
CVE-2021-27219
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
The vulnerability of the g_byte_array_new_take() function in the Glib library allows a hacker to execute arbitrary code.
The vulnerability of the gbytearraynewtake function in the Glib library relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
AZL-6438 CVE-2021-27219 affecting package glib for versions less than 2.60.1-5
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption...
PT-2021-1988 · Glib +10 · Glib +10
Name of the Vulnerable Software and Affected Versions: GLib versions prior to 2.66.7 GLib versions 2.67.x prior to 2.67.4 Description: The issue is related to the function g byte array new take in the GLib library, which is associated with the copying of a buffer without checking the size of the...
AZL-6435 CVE-2020-35457 affecting package glib for versions less than 2.60.1-5
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of...
Vulnerability of the functions g_file_make_directory_with_parents and g_file_replace_contents in the Glib library, which allows attackers to escalate their privileges and gain access to files.
The vulnerability of the gfilemakedirectorywithparents and gfilereplacecontents functions in the Glib library is related to improper handling of permissions. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain access to files...
The vulnerability of the file_copy_fallback() function in the Glib library allows a hacker to gain unauthorized access to protected information.
The vulnerability of the filecopyfallback function in the Glib library is related to incorrect handling of permissions. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...
USN-4049-4 glib2.0 regression
USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibl...
The vulnerability of the g_markup_parse_context_parse function in the Glib library allows a hacker to trigger a service failure.
The vulnerability of the gmarkupparsecontextparse function gmarkup.c, method utf8str in the Glib library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...