GLib Integer Overflow and Buffer Under-Read Vulnerability in ISO 8601 Timestamp Parsing

Vulnerability

A vulnerability exists in GLib versions prior to 2.82.5, where an integer overflow and buffer under-read occur in the function g_date_time_new_from_iso8601() when processing a long invalid ISO 8601 timestamp. This flaw can lead to potential memory corruption or other unintended behavior.

Impact

A crafted, overlong ISO 8601 string passed to g_date_time_new_from_iso8601() triggers the integer overflow, which in turn causes a buffer under-read; the result may be memory corruption or other unintended behaviour in the process that parses the timestamp.

Remediation

Users can upgrade to GLib version 2.82.5 or later to address this vulnerability. For Debian 11 (bullseye) users, the issue has been fixed in version 2.66.8-1+deb11u6.
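The fixed version numbers above differ by distribution: Debian 11 ships the fix in 2.66.8-1+deb11u6, which is numerically far below the upstream 2.82.5, so a naive "is it at least 2.82.5" check would misreport patched Debian hosts as vulnerable. The script below is an added example, not part of this advisory or of GLib, that compares an installed GLib version string against the right threshold for its packaging. It assumes the two thresholds stated on this page, that upstream versions have no Debian-style "-revision" suffix, and that pkg-config and dpkg-query are available when the optional --installed mode is used; any other packaged version is reported as "unknown" rather than guessed.

```shell
#!/bin/sh
# Added example (not from the advisory): is an installed GLib version string
# already fixed for the g_date_time_new_from_iso8601() under-read?
# Thresholds are the ones stated in the advisory text.
UPSTREAM_FIXED="2.82.5"
DEB11_FIXED="2.66.8-1+deb11u6"

# version_ge A B: succeed (exit 0) when A >= B.
# Both strings are split on runs of non-digits and compared field by field,
# so "2.66.8-1+deb11u6" becomes 2 66 8 1 11 6; missing fields count as 0.
version_ge() {
    printf '%s\n%s\n' "$1" "$2" | awk '
        {
            gsub(/[^0-9]+/, " ")
            n = split($0, f, " ")
            for (i = 1; i <= n; i++) v[NR, i] = f[i]
            len[NR] = n
        }
        END {
            m = (len[1] > len[2]) ? len[1] : len[2]
            for (i = 1; i <= m; i++) {
                x = (i <= len[1]) ? v[1, i] + 0 : 0
                y = (i <= len[2]) ? v[2, i] + 0 : 0
                if (x > y) exit 0
                if (x < y) exit 1
            }
            exit 0
        }'
}

# glib_fixed VERSION: 0 = fixed, 1 = vulnerable, 2 = unknown packaging.
# Debian 11 backports carry the fix under a lower version number, so the
# threshold is chosen from the package version's suffix, not assumed.
glib_fixed() {
    case "$1" in
        *-*+deb11u*) version_ge "$1" "$DEB11_FIXED" ;;
        *-*)         return 2 ;;   # other distro package: consult its advisory
        *)           version_ge "$1" "$UPSTREAM_FIXED" ;;
    esac
}

# Human-readable verdict for a version string.
describe() {
    glib_fixed "$1"
    case $? in
        0) printf '%s: fixed\n' "$1" ;;
        1) printf '%s: VULNERABLE, upgrade\n' "$1" ;;
        *) printf '%s: unknown packaging, check the vendor advisory\n' "$1" ;;
    esac
}

# Optional: inspect the running system. Prefers the Debian package version
# (so backports are recognised), falls back to pkg-config's upstream version.
report_installed() {
    if v=$(dpkg-query -W -f='${Version}' libglib2.0-0 2>/dev/null) && [ -n "$v" ]; then
        describe "$v"
    elif v=$(pkg-config --modversion glib-2.0 2>/dev/null) && [ -n "$v" ]; then
        describe "$v"
    else
        echo "could not determine installed GLib version" >&2
        return 2
    fi
}

if [ "${1:-}" = "--installed" ]; then
    report_installed
fi
```

Run it as `sh glib-check.sh --installed` on a host, or source it and call `describe` on version strings collected elsewhere (for example from an inventory export).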

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread          7.8
impact          0.6
exploitability  4.7
remediation     7.7
relevance       0.0
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.