Bug 2492243 (CVE-2026-58010) - CVE-2026-58010 glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Summary: CVE-2026-58010 glib: buffer over-read in glib/gvariant-serialiser.c via gvs_t...
Keywords:
Status: NEW
Alias: CVE-2026-58010
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2494867 2494868 2494869
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-06-24 16:27 UTC by OSIDB Bzimport
Modified: 2026-06-30 12:57 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2026-06-24 16:27:55 UTC
gvs_tuple_is_normal() in glib/gvariant-serialiser.c:1253 has an off-by-one error in its alignment padding check. When checking whether padding bytes are zero, the bounds check uses > instead of >=, allowing a 1-byte out-of-bounds read when offset == value.size.


Note You need to log in before you can comment on or make changes to this bug.