CVE-2025-6052 Information
Jun 14, 2025
cve
Description
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result data may be written past the end of the allocated memory leading to crashes or memory corruption.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Reference
https://access.redhat.com/security/cve/CVE-2025-6052 https://bugzilla.redhat.com/show_bug.cgi?id=2372666
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
LOW
Base Severity
3.7
Related CNNVD
CNNVD-202506-1786 (Published: 2025-06-13)
Share on: