Bug 2419093 (CVE-2025-14087)
| Summary: | CVE-2025-14087 glib: GLib: Buffer underflow in GVariant parser leads to heap corruption | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | adudiak, kshier, stcannon, yguenane |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2419106, 2419125, 2419097, 2419098, 2419099, 2419100, 2419101, 2419102, 2419103, 2419104, 2419105, 2419107, 2419108, 2419109, 2419111, 2419112, 2419113, 2419114, 2419115, 2419116, 2419117, 2419118, 2419119, 2419120, 2419121, 2419122, 2419123, 2419124, 2419126, 2419127, 2419128, 2419129, 2419130, 2419131, 2419132, 2419133, 2419134 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2025-12-05 08:44:36 UTC
|