CVE-2024-52533

EUVD-2024-45936
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
gnomeglib
𝑥
< 2.82.1
debiandebian_linux
11.0
netappactive_iq_unified_manager
-
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
gnomeglib
𝑥
< 2.82.1
ADP
Debian logo
Debian Releases
Debian Product
Codename
glib2.0
bookworm
2.74.6-2+deb12u7
fixed
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
2.66.8-1+deb11u7
fixed
forky
2.86.3-1
fixed
sid
2.86.3-2
fixed
trixie
2.84.4-3~deb13u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
glib2.0
bionic
Fixed 2.56.4-0ubuntu0.18.04.9+esm4
released
focal
Fixed 2.64.6-1~ubuntu20.04.8
released
jammy
Fixed 2.72.4-0ubuntu2.4
released
noble
Fixed 2.80.0-6ubuntu3.2
released
oracular
Fixed 2.82.1-0ubuntu1
released
plucky
Fixed 2.82.1-0ubuntu1
released
questing
Fixed 2.82.1-0ubuntu1
released
trusty
needs-triage
xenial
Fixed 2.48.2-0ubuntu4.8+esm4
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
glib2-devel
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
glib2-lang
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
glib2-tools
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgio-2_0-0
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgio-2_0-0-32bit
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libglib-2_0-0
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libglib-2_0-0-32bit
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgmodule-2_0-0
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgmodule-2_0-0-32bit
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgobject-2_0-0
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgobject-2_0-0-32bit
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgthread-2_0-0
suse enterprise desktop 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise desktop 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise sap 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.8.1
fixed
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
suse enterprise server 15 SP2
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP3
2.62.6-150200.3.24.1
fixed
suse enterprise server 15 SP4
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP5
2.70.5-150400.3.17.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.8.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.8.1
fixed
libgthread-2_0-0-32bit
suse enterprise server 12 SP3
2.48.2-12.43.1
fixed
suse enterprise server 12 SP5
2.48.2-12.43.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
glib2
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 8.2 AUS
0:2.56.4-8.el8_2.2
fixed
RHEL 8.4 AUS
0:2.56.4-10.el8_4.2
fixed
RHEL 8.6 AUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 E4S
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 TUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.8 E4S
0:2.56.4-162.el8_8
fixed
RHEL 8.8 TUS
0:2.56.4-162.el8_8
fixed
RHEL 9
0:2.68.4-16.el9_6.2
fixed
glib2-devel
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 8.2 AUS
0:2.56.4-8.el8_2.2
fixed
RHEL 8.4 AUS
0:2.56.4-10.el8_4.2
fixed
RHEL 8.6 AUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 E4S
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 TUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.8 E4S
0:2.56.4-162.el8_8
fixed
RHEL 8.8 TUS
0:2.56.4-162.el8_8
fixed
RHEL 9
0:2.68.4-16.el9_6.2
fixed
glib2-doc
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 9
0:2.68.4-16.el9_6.2
fixed
glib2-fam
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 8.2 AUS
0:2.56.4-8.el8_2.2
fixed
RHEL 8.4 AUS
0:2.56.4-10.el8_4.2
fixed
RHEL 8.6 AUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 E4S
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 TUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.8 E4S
0:2.56.4-162.el8_8
fixed
RHEL 8.8 TUS
0:2.56.4-162.el8_8
fixed
glib2-static
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 9
0:2.68.4-16.el9_6.2
fixed
glib2-tests
RHEL 8
0:2.56.4-166.el8_10
fixed
RHEL 8.2 AUS
0:2.56.4-8.el8_2.2
fixed
RHEL 8.4 AUS
0:2.56.4-10.el8_4.2
fixed
RHEL 8.6 AUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 E4S
0:2.56.4-158.el8_6.2
fixed
RHEL 8.6 TUS
0:2.56.4-158.el8_6.2
fixed
RHEL 8.8 E4S
0:2.56.4-162.el8_8
fixed
RHEL 8.8 TUS
0:2.56.4-162.el8_8
fixed
RHEL 9
0:2.68.4-16.el9_6.2
fixed
mingw32-glib2
RHEL 9
0:2.78.6-2.el9
fixed
mingw32-glib2-static
RHEL 9
0:2.78.6-2.el9
fixed
mingw64-glib2
RHEL 9
0:2.78.6-2.el9
fixed
mingw64-glib2-static
RHEL 9
0:2.78.6-2.el9
fixed
Common Weakness Enumeration
References
https://gitlab.gnome.org/GNOME/glib/-/issues/3461
https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
http://www.openwall.com/lists/oss-security/2024/11/12/11
https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html
https://security.netapp.com/advisory/ntap-20241206-0009/