CNNVD-202509-3941 Information

CNNVD ID

CNNVD-202509-3941

Related CVE

CVE-2025-60018

• CNNVD Published: 2025-09-25

Description (Chinese)

GNOME glib-networking是一款Glib（C语言编写的五个底层库的集合）的网络扩展软件包。 GNOME glib-networking存在缓冲区错误漏洞，该漏洞源于OpenSSL后端未正确检查BIO_write返回值，可能导致越界读取。

Description (English)

GNOME glib-networking is a network extension package of Glib (a collection of five bottom libraries written in C languages). There is an error loophole in the buffer zone in GNOME glib-networking, which stems from the incorrect examination of BIO write’s return values by the OpenSSL backend, which may lead to cross-border reading.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

gnutls

Published

2025-09-25

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-60018 https://bugzilla.redhat.com/show_bug.cgi?id=2398135 https://gitlab.gnome.org/GNOME/glib-networking/-/issues/226