CVE-2025-60019 Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based()

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

CVE-2025-60019

The CVE pertains to glib-networking’s OpenSSL backend, where memory allocation return values are not properly checked. This can allow an out-of-memory condition to lead to writing to an invalid memory location. Several OSV advisories (OESA-2025-2832, 2831, 2830, 2399, 2398, 2397) explicitly docum...