GLib Integer Overflow Vulnerability in g_buffered_input_stream_peek() Function Leading to Buffer Overflow

Vulnerability

A vulnerability exists in the GLib library due to inadequate validation of offset and count parameters in the g_buffered_input_stream_peek() function. This oversight can cause an integer overflow during length calculations. When specially crafted values are used, the overflow leads to an incorrect size being passed to memcpy(), resulting in a buffer overflow. Such exploitation can cause application crashes, creating a Denial of Service (DoS) condition.

Impact

Exploitation of this vulnerability causes application crashes and instability, leading to a Denial of Service (DoS) condition. Additionally, the buffer overflow could be exploited to execute unauthorized code or commands, bypassing protection mechanisms.

Added: Jan 21, 2026, 12:18 PM

Updated: Jan 21, 2026, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GLib Integer Overflow Vulnerability in g_buffered_input_stream_peek() Function Leading to Buffer Overflow

Vulnerability

Impact

Affected Products

GNOME GLib

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating