CVE-2025-7039

EUVD-2025-26475

03.09.2025, 02:15

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.

Path Traversal

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.7 LOW	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
Siemens	RUGGEDCOM RST2428P	𝑥 < V4.0	ADP

Debian Releases

Debian Product

Codename

glib2.0

bookworm	2.74.6-2+deb12u9 fixed
bookworm (security)	vulnerable
bullseye	vulnerable
bullseye (security)	2.66.8-1+deb11u8 fixed
forky	2.88.1-2 fixed
sid	2.88.1-2 fixed
trixie	2.84.4-3~deb13u3 fixed

Ubuntu Releases

Ubuntu Product

Codename

glib2.0

bionic	Fixed 2.56.4-0ubuntu0.18.04.9+esm5 released
focal	Fixed 2.64.6-1~ubuntu20.04.9+esm1 released
jammy	Fixed 2.72.4-0ubuntu2.7 released
noble	Fixed 2.80.0-6ubuntu3.6 released
plucky	Fixed 2.84.1-1ubuntu0.2 released
questing	not-affected
trusty	Fixed 2.40.2-0ubuntu1.1+esm7 released
xenial	Fixed 2.48.2-0ubuntu4.8+esm5 released

openSUSE / SLES Releases

openSUSE Product

Release

glib2-devel

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

glib2-lang

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

glib2-tools

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgio-2_0-0

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgio-2_0-0-32bit

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libglib-2_0-0

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libglib-2_0-0-32bit

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgmodule-2_0-0

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgmodule-2_0-0-32bit

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgobject-2_0-0

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgobject-2_0-0-32bit

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgthread-2_0-0

suse enterprise desktop 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise desktop 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise sap 15 SP7	2.78.6-150600.4.22.1 fixed
suse enterprise server 12 SP3	2.48.2-12.49.1 fixed
suse enterprise server 15 SP4	2.70.5-150400.3.26.1 fixed
suse enterprise server 15 SP6	2.78.6-150600.4.22.1 fixed
suse enterprise server 15 SP7	2.78.6-150600.4.22.1 fixed

libgthread-2_0-0-32bit

suse enterprise server 12 SP3

2.48.2-12.49.1

fixed

Common Weakness Enumeration

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References

https://access.redhat.com/security/cve/CVE-2025-7039

https://bugzilla.redhat.com/show_bug.cgi?id=2392423

https://cert-portal.siemens.com/productcert/html/ssa-253495.html