Home

CVE-2021-27218

Description

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
5.212

Associated Vulnerability

VulnerabilityOS Platform
GLib library of C routines (USN-4759-1) libglib2.0-0_2.48.2-0ubuntu4.7_i386.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.48.2-0ubuntu4.7_amd64.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.66.1-2ubuntu0.1_i386.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.66.1-2ubuntu0.1_amd64.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.64.6-1~ubuntu20.04.2_i386.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.64.6-1~ubuntu20.04.2_amd64.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.56.4-0ubuntu0.18.04.7_i386.debLinux
GLib library of C routines (USN-4759-1) libglib2.0-0_2.56.4-0ubuntu0.18.04.7_amd64.debLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) glib2-debugsource-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) glib2-lang-2.48.2-12.22.1.noarch.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) glib2-tools-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) glib2-tools-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgio-2_0-0-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgio-2_0-0-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgio-2_0-0-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgio-2_0-0-debuginfo-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libglib-2_0-0-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libglib-2_0-0-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libglib-2_0-0-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libglib-2_0-0-debuginfo-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgmodule-2_0-0-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgmodule-2_0-0-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgmodule-2_0-0-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgobject-2_0-0-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgobject-2_0-0-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgobject-2_0-0-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgobject-2_0-0-debuginfo-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgthread-2_0-0-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgthread-2_0-0-32bit-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgthread-2_0-0-debuginfo-2.48.2-12.22.1.x86_64.rpmLinux
SUSE-SU-2021:0801-1(SUSE Linux Enterprise Server 12-SP5 ) libgthread-2_0-0-debuginfo-32bit-2.48.2-12.22.1.x86_64.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-2.56.4-10.el8_4.1.i686.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-2.56.4-10.el8_4.1.x86_64.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-debugsource-2.56.4-10.el8_4.1.i686.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-debugsource-2.56.4-10.el8_4.1.x86_64.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-devel-2.56.4-10.el8_4.1.i686.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-devel-2.56.4-10.el8_4.1.x86_64.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-fam-2.56.4-10.el8_4.1.x86_64.rpmLinux
(RHSA-2021:3058) glib2 security update glib2-tests-2.56.4-10.el8_4.1.x86_64.rpmLinux
Glib2 update (ELSA-2021-3058) glib2-2.56.4-10.el8_4.1.i686.rpmLinux
Glib2 update (ELSA-2021-3058) glib2-2.56.4-10.el8_4.1.x86_64.rpmLinux
Glib2-devel update (ELSA-2021-3058) glib2-devel-2.56.4-10.el8_4.1.i686.rpmLinux
Glib2-devel update (ELSA-2021-3058) glib2-devel-2.56.4-10.el8_4.1.x86_64.rpmLinux
Glib2-doc update (ELSA-2021-3058) glib2-doc-2.56.4-10.el8_4.1.noarch.rpmLinux
Glib2-fam update (ELSA-2021-3058) glib2-fam-2.56.4-10.el8_4.1.x86_64.rpmLinux
Glib2-static update (ELSA-2021-3058) glib2-static-2.56.4-10.el8_4.1.i686.rpmLinux
Glib2-static update (ELSA-2021-3058) glib2-static-2.56.4-10.el8_4.1.x86_64.rpmLinux
Glib2-tests update (ELSA-2021-3058) glib2-tests-2.56.4-10.el8_4.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234