glib-networking OpenSSL Backend Memory Allocation Vulnerability

Vulnerability

A vulnerability exists in the OpenSSL backend of glib-networking due to improper handling of memory allocation return values. This oversight can lead to out-of-memory conditions, potentially causing writes to invalid memory locations. While this issue could result in uninitialized memory dereferences, the OpenSSL backend is not compiled by default in any Red Hat products, leaving no components affected.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition by crashing the process. Additionally, it may lead to uninitialized memory dereferences, which can be exploited to execute unauthorized code or commands, read memory, or modify memory, particularly if privileged code can access certain memory addresses.

Added: Sep 25, 2025, 4:17 PM

Updated: Sep 25, 2025, 4:17 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

4.7

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

4.7

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

glib-networking OpenSSL Backend Memory Allocation Vulnerability

Vulnerability

Impact

Affected Products

GNOME glib-networking

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating