GLib Buffer Underflow Vulnerability in Content Type Parsing Leading to Local Denial-of-Service

Vulnerability

A buffer underflow vulnerability has been identified in GLib's content type parsing. This issue arises because the length of header lines is stored in a signed integer, which can cause integer wraparound with very large inputs. The resulting pointer underflow allows for out-of-bounds memory access. Exploitation of this vulnerability requires a local user to process a specially crafted treemagic file, potentially leading to a local denial-of-service or application instability.
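The signed-length flaw described above, as an added C example that is not GLib's code: it computes what a 32-bit signed integer would hold for an oversized length and shows a bounded `size_t` parser that rejects such input before indexing. The bracketed header-line shape, the function names and `MAX_HEADER_LEN` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_HEADER_LEN 4096u /* assumed cap, not a GLib constant */

enum hdr_status { HDR_OK, HDR_EMPTY, HDR_TOO_LONG, HDR_MALFORMED };

/* Value a 32-bit signed int would hold after storing `len` in it
 * (two's-complement wrap, computed arithmetically so nothing overflows). */
int64_t as_int32(uint64_t len)
{
    uint64_t low = len & 0xFFFFFFFFu;
    return low >= 0x80000000u ? (int64_t)low - 4294967296LL : (int64_t)low;
}

/* Risky pattern `int len = ...; line[len - 1]`: returns 1 when that index
 * would fall before the start of the buffer. */
int index_underflows(uint64_t len) { return as_int32(len) - 1 < 0; }

/* Hardened (hypothetical) parser: the length stays size_t and is bounded
 * before any byte is read. Accepts "[...]" with an optional trailing '\n'
 * and reports the offset and length of the text between the brackets. */
enum hdr_status parse_header(const char *line, size_t len,
                             size_t *body_off, size_t *body_len)
{
    if (len == 0)
        return HDR_EMPTY;
    if (len > MAX_HEADER_LEN)
        return HDR_TOO_LONG;   /* rejected before line[] is read */
    if (line[len - 1] == '\n')
        len--;                 /* safe: len >= 1 here */
    if (len < 2 || line[0] != '[' || line[len - 1] != ']')
        return HDR_MALFORMED;
    *body_off = 1;
    *body_len = len - 2;
    return HDR_OK;
}

int main(void)
{
    const char sample[] = "[50:x-content/example]\n"; /* constructed input */
    size_t off = 0, n = 0;
    if (parse_header(sample, strlen(sample), &off, &n) == HDR_OK)
        printf("body: %.*s\n", (int)n, sample + off);
    printf("len 0x80000001 as int32: %lld\n", (long long)as_int32(0x80000001u));
    return 0;
}
```

An empty line also makes `len - 1` negative in the risky pattern, which is why the hardened parser checks for zero length before the size cap.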

Impact

Exploitation of this vulnerability can cause a local denial-of-service by crashing the application or creating instability. However, according to Red Hat, if the corrupted memory can be controlled, it may allow for arbitrary code execution.

Added: Jan 27, 2026, 2:19 PM
Updated: Jan 27, 2026, 3:03 PM

Vulnerability Rating

Custom Algorithm
spread: 7.8
impact: 2.5
exploitability: 4.2
remediation: 0.0
relevance: 2.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.