ГлавнаяУязвимости → CVE-2025-13601
7.7высокая

CVE-2025-13601

Описание

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Затрагиваемое ПО
Redhat Codeready linux builderRedhat Codeready linux builder for ibm z systemsRedhat Codeready linux builder for power little endianRedhat Codeready linux builder for x86 64Redhat Enterprise linux for arm 64Redhat Enterprise linux for ibm z systemsRedhat Enterprise linux for power little endianRedhat Enterprise linux for x86 64Redhat Codeready linux builder for arm64Redhat Enterprise linux server ausRedhat Codeready linux builder for arm64 eusRedhat Enterprise linux for x86 64 eusRedhat Enterprise linux server for power little endianRedhat Enterprise linux server for power little endian eusRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endian eusRedhat Codeready linux builder for x86 64 eusRedhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endian eusRedhat Enterprise linux server tusRedhat Ceph storageRedhat DiscoveryGnome GlibRedhat Openshift container platform
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2026:0936https://access.redhat.com/errata/RHSA-2026:0975https://access.redhat.com/errata/RHSA-2026:0991https://access.redhat.com/errata/RHSA-2026:1323https://access.redhat.com/errata/RHSA-2026:1324https://access.redhat.com/errata/RHSA-2026:1326https://access.redhat.com/errata/RHSA-2026:1327https://access.redhat.com/errata/RHSA-2026:1465