CNNVD-202601-4561 Information
CNNVD ID
CNNVD-202601-4561
Related CVE
- CNNVD Published: 2026-01-27
Description (Chinese)
glib是GNOME项目的一个通用的、可移植的实用程序库。提供了许多有用的数据类型、宏、类型转换、字符串实用程序、文件实用程序、主循环抽象等。 GLib存在缓冲区错误漏洞,该漏洞源于Base64编码例程在处理极大输入数据时整数类型使用不当,可能导致缓冲区边界计算错误和越界内存写入,造成应用程序崩溃或行为异常。
Description (English)
glib is a common, portable and practical repository for the GNOME project. Many useful data types, macros, type conversions, string applications, file applications, main cycle abstractions, etc. are provided. GLib has an error loophole in the buffer zone, which stems from the inappropriate use of integer types when the Base64 code routines are used in processing the material input data, which may lead to errors in the calculation of the buffer zone boundaries and cross-border memory writing, causing application collapses or behavioural anomalies.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
GNOME
Published
2026-01-27
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259
Patch
https://gitlab.gnome.org/GNOME/glib
Share on: