CVE-2025-6052
EUVD-2025-1828513.06.2025, 16:15
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gnome | glib | 2.75.3 ≤ 𝑥 ≤ 2.84.3 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | SIMATIC CN 4100 | 𝑥 < V5.0 | ADP |
| siemens | simatic_cn_4100 | 𝑥 < 5.0 | ADP |
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| glib2-devel |
| ||||||||||||
| glib2-lang |
| ||||||||||||
| glib2-tools |
| ||||||||||||
| libgio-2_0-0 |
| ||||||||||||
| libgio-2_0-0-32bit |
| ||||||||||||
| libglib-2_0-0 |
| ||||||||||||
| libglib-2_0-0-32bit |
| ||||||||||||
| libgmodule-2_0-0 |
| ||||||||||||
| libgmodule-2_0-0-32bit |
| ||||||||||||
| libgobject-2_0-0 |
| ||||||||||||
| libgobject-2_0-0-32bit |
| ||||||||||||
| libgthread-2_0-0 |
|