gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
RHEL 9 is in a "Will not fix" state according to CVE-2024-52533. Can anyone explain the justification for not fixing for RHEL9? Also, is there a link with additional Red Hat information beyond this bug and the CVE page? Thanks, -Dave
I believe I have been incorrectly added to this ticket. Nothing to report.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:0936 https://access.redhat.com/errata/RHSA-2025:0936
(In reply to David McInnis from comment #2) > RHEL 9 is in a "Will not fix" state according to CVE-2024-52533. > > Can anyone explain the justification for not fixing for RHEL9? Hi, this is a very low-severity issue. Only affects you if (a) username component of URL is exactly 255 bytes, AND (b) hostname component of URL is also exactly 255 bytes. In the extremely unlikely event you're using a socks4a proxy with a URL that meets both of those conditions, or have decided to allow an attacker to specify which proxy URLs to use for some very strange reason, then the impact is a one byte out of bounds write that is not attacker-controlled (it will always be the trailing nul byte). Suffice to say CVSS scores do not always map well to actual risk, and I wouldn't worry about this one. If I were analyzing this today, I would not have requested a CVE at all since the risk here is very low. Surely there are very many far more serious issues that never receive CVE IDs. However, it is an out of bounds write, so it is technically a vulnerability. > Also, is there a link with additional Red Hat information beyond this bug > and the CVE page? See: https://gitlab.gnome.org/GNOME/glib/-/issues/3461
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:10855 https://access.redhat.com/errata/RHSA-2025:10855
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:11140 https://access.redhat.com/errata/RHSA-2025:11140
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:11327 https://access.redhat.com/errata/RHSA-2025:11327
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:11373 https://access.redhat.com/errata/RHSA-2025:11373
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:11374 https://access.redhat.com/errata/RHSA-2025:11374
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:12275 https://access.redhat.com/errata/RHSA-2025:12275
This issue has been addressed in the following products: RHEL-8 based Middleware Containers Via RHSA-2025:13276 https://access.redhat.com/errata/RHSA-2025:13276
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:14990 https://access.redhat.com/errata/RHSA-2025:14990
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:14989 https://access.redhat.com/errata/RHSA-2025:14989
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:14991 https://access.redhat.com/errata/RHSA-2025:14991
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:14988 https://access.redhat.com/errata/RHSA-2025:14988