CNNVD-202512-2001 Information

CNNVD ID

CNNVD-202512-2001

Related CVE

CVE-2025-14087

• CNNVD Published: 2025-12-10

Description (Chinese)

glib是GNOME项目的一个通用的、可移植的实用程序库。提供了许多有用的数据类型、宏、类型转换、字符串实用程序、文件实用程序、主循环抽象等。 glib存在输入验证错误漏洞，该漏洞源于GVariant解析器缓冲区下溢，可能导致堆损坏或执行任意代码。

Description (English)

glib is a common, portable and practical repository for the GNOME project. Many useful data types, macros, type conversions, string applications, file applications, main cycle abstractions, etc. are provided. There is an input validation error loophole in glib, which stems from the spilling down of the GVariant resolver buffer zone, which could lead to piles of damage or the implementation of random codes.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

GNOME

Published

2025-12-10

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093