Bug 2433321
| Summary: | CVE-2026-1484 xdg-desktop-portal-cosmic: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() [fedora-all] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Abhishek Raj <abhraj> |
| Component: | xdg-desktop-portal-cosmic | Assignee: | Ryan Brue <ryanbrue.dev> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 43 | CC: | cosmic-sig, decathorpe, rust-sig, ryanbrue.dev |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["a1c2e48b-9ea4-412f-b7f8-2a9358aad591"]} | ||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2026-02-05 21:15:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2433259 | ||
|
Description
Abhishek Raj
2026-01-27 12:56:38 UTC
This issue is in the "glib" C library (packaged as "glib2"), not in the "glib" Rust crate used in this package. glib2 is only dynamically linked here. So the issue needs to be fixed in glib2, and there is nothing to be done here. |