JLSEC-2025-157 An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption...

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...