GLib Base64 Encoding Integer Overflow Vulnerability Leading to Buffer Underflow and Out-of-Bounds Write

Vulnerability

A vulnerability exists in the GLib Base64 encoding routine, specifically in the handling of large input data. The issue arises from the improper use of integer types for length calculations, which can lead to incorrect buffer boundary assessments. This miscalculation may cause memory writes beyond the allocated buffer, potentially leading to application crashes or unpredictable behavior. The vulnerability is particularly concerning for applications that process untrusted or excessively large Base64 input using GLib.
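The length miscalculation described above, as an added example (not GLib's code and not part of the original advisory): a checked size computation next to the same formula stored in a 32-bit signed length. The generic padded Base64 size formula, the function names and the sample input sizes are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Padded Base64 output size for n input bytes: 4 characters per 3-byte
 * group plus a terminating NUL. Generic formula, assumed for illustration.
 * Returns false instead of wrapping when the result does not fit size_t. */
bool b64_encoded_size(size_t n, size_t *out)
{
    size_t groups = n / 3 + (n % 3 != 0);   /* cannot overflow */
    if (groups > (SIZE_MAX - 1) / 4)
        return false;
    *out = groups * 4 + 1;
    return true;
}

/* The same formula with the result stored in a 32-bit signed length.
 * Computed in 64 bits and truncated explicitly, so the demonstration
 * itself contains no signed-overflow undefined behaviour. */
int32_t b64_encoded_size_narrow(uint64_t n)
{
    uint64_t wide = (n / 3 + (n % 3 != 0)) * 4 + 1;
    return (int32_t)(uint32_t)wide;
}

/* Caller-side guard: true only if the size is valid and fits in int32. */
bool b64_size_fits_int32(size_t n)
{
    size_t need;
    return b64_encoded_size(n, &need) && need <= (size_t)INT32_MAX;
}

int main(void)
{
    const uint64_t sizes[] = { 3, 4, 1610612736u };  /* constructed inputs */
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        size_t need = 0;
        bool ok = b64_encoded_size((size_t)sizes[i], &need);
        printf("n=%llu checked=%s size=%zu narrow=%ld fits_int32=%d\n",
               (unsigned long long)sizes[i], ok ? "ok" : "overflow", need,
               (long)b64_encoded_size_narrow(sizes[i]),
               b64_size_fits_int32((size_t)sizes[i]));
    }
    return 0;
}
```

A negative or wrapped length from the narrow variant is what turns later bounds checks and pointer arithmetic into out-of-range accesses; rejecting input before encoding when the guard fails avoids that path.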

Impact

Exploitation of this vulnerability can cause application crashes and memory corruption. The integer overflow can lead to a buffer underflow, allowing for out-of-bounds writes on the heap, which could be exploited to execute arbitrary code.

Added: Jan 27, 2026, 2:19 PM
Updated: Jan 27, 2026, 3:02 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 3.1
exploitability: 4.2
remediation: 0.0
relevance: 2.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.