glib Integer Overflow Vulnerability Leading to Out-of-Bounds Memory Access and Path Traversal

Vulnerability

An integer overflow vulnerability has been identified in glib, specifically during the creation of temporary files. This flaw allows for out-of-bounds memory access, which could be exploited by a local attacker to perform path traversal or access private content of temporary files by creating symbolic links that the affected application would follow. The vulnerability arises from inadequate validation of file path lengths in temporary file operations.

Impact

Exploitation of this vulnerability could lead to unauthorized access of data through path traversal or by reading private temporary file contents. Additionally, the integer overflow could cause a buffer under-read, potentially allowing for further memory corruption.

Added: Sep 3, 2025, 2:27 AM

Updated: Sep 3, 2025, 2:27 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

glib Integer Overflow Vulnerability Leading to Out-of-Bounds Memory Access and Path Traversal

Vulnerability

Impact

Affected Products

GNOME GLib

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating