CVE-2025-6052

EUVD-2025-18285
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
siemens-SADPADP
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
gnomeglib
2.75.3 ≤
𝑥
≤ 2.84.3
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
SiemensRUGGEDCOM RST2428P
𝑥
< V4.0
ADP
SiemensSIMATIC CN 4100
𝑥
< V5.0
ADP
siemenssimatic_cn_4100
𝑥
< 5.0
ADP
Debian logo
Debian Releases
Debian Product
Codename
glib2.0
bookworm
2.74.6-2+deb12u9
fixed
bookworm (security)
2.74.6-2+deb12u2
fixed
bullseye
2.66.8-1+deb11u4
fixed
bullseye (security)
2.66.8-1+deb11u8
fixed
forky
2.88.2-1
fixed
sid
2.88.2-1
fixed
trixie
2.84.4-3~deb13u3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
glib2.0
bionic
not-affected
focal
not-affected
jammy
not-affected
noble
Fixed 2.80.0-6ubuntu3.6
released
oracular
ignored
plucky
Fixed 2.84.1-1ubuntu0.2
released
questing
not-affected
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
glib2-devel
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
glib2-lang
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
glib2-tools
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgio-2_0-0
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgio-2_0-0-32bit
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libglib-2_0-0
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libglib-2_0-0-32bit
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgmodule-2_0-0
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgmodule-2_0-0-32bit
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgobject-2_0-0
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgobject-2_0-0-32bit
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
libgthread-2_0-0
suse enterprise desktop 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise desktop 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise sap 15 SP7
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP6
2.78.6-150600.4.16.1
fixed
suse enterprise server 15 SP7
2.78.6-150600.4.16.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
glib2
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-debuginfo
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-debugsource
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-devel
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-devel-debuginfo
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-doc
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-static
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-tests
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
glib2-tests-debuginfo
Amazon Linux 2023
0:2.82.2-766.amzn2023
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
glib
Azure Linux 3.0
0:2.78.6-3.azl3
fixed