CVE-2025-4373
EUVD-2025-1359206.05.2025, 15:16
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | RUGGEDCOM RST2428P | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XC-300\/XR-300\/XC-400\/XR-500WG\/XR-500 family | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCH328 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM324 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM328 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM332 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRH334 \(24 V DC\, 8xFO\, CC\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230 V AC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230 V AC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230V AC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24 V DC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24 V DC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24V DC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230 V AC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230 V AC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230V AC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN\/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN\/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN\/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| glib2.0 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| glib2-devel |
| ||||||||||||||||
| glib2-lang |
| ||||||||||||||||
| glib2-tools |
| ||||||||||||||||
| libgio-2_0-0 |
| ||||||||||||||||
| libgio-2_0-0-32bit |
| ||||||||||||||||
| libglib-2_0-0 |
| ||||||||||||||||
| libglib-2_0-0-32bit |
| ||||||||||||||||
| libgmodule-2_0-0 |
| ||||||||||||||||
| libgmodule-2_0-0-32bit |
| ||||||||||||||||
| libgobject-2_0-0 |
| ||||||||||||||||
| libgobject-2_0-0-32bit |
| ||||||||||||||||
| libgthread-2_0-0 |
| ||||||||||||||||
| libgthread-2_0-0-32bit |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| glib2 |
| ||||||||||||||||||
| glib2-devel |
| ||||||||||||||||||
| glib2-doc |
| ||||||||||||||||||
| glib2-fam |
| ||||||||||||||||||
| glib2-static |
| ||||||||||||||||||
| glib2-tests |
|
Common Weakness Enumeration
References