CVE-2018-16429 Information

Description

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c related to utf8_str().

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b https://gitlab.gnome.org/GNOME/glib/issues/1361 https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html https://usn.ubuntu.com/3767-1/ https://usn.ubuntu.com/3767-2/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5