Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based()

...

Linux Distros Unpatched Vulnerability : CVE-2025-60018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read. CVE-2025-60018 Note that...

SUSE CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

SUSE CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

OESA-2025-2327 openssl security update

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...

OESA-2025-2326 openssl security update

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...

CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

CVE-2025-60019 Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based()

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60019 Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based()

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

CVE-2025-60018 Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()"

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

CVE-2025-60018

CVE-2025-60018 affects glib-networking, specifically its OpenSSL backend, where BIO_write() return value is not properly checked, causing an out-of-bounds read. The issue is described across multiple sources as a vulnerability in the glib-networking OpenSSL backend, with the root cause being the ...

CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

Node.js: Memory leak that enables remote Denial of Service against applications processing TLS client certificates

A memory leak was discovered in Node.js's OpenSSL integration when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. The vulnerability was triggered when applications called socket.getPeerCertificatetrue, causing steady memory growth through repeated TLS connectio...

Security update for curl

This update for curl fixes the following issues: CVE-2025-9086: Fixed Out of bounds read for cookie path bsc1249191 CVE-2025-10148: Predictable WebSocket mask bsc1249348 Fix the --ftp-pasv option in curl v8.14.1 bsc1246197 tooloperate: fix return code when --retry is used but not triggered...

GNOME glib-networking 代码问题漏洞

GNOME glib-networking is a networking extension package for Glib a collection of five underlying libraries written in C. A code issue vulnerability exists in GNOME glib-networking that stems from the OpenSSL backend not properly checking the return value of a memory allocation routine, which coul...