Advisories » MGASA-2025-0216

Updated glib2.0 packages fix security vulnerability

Publication date: 02 Aug 2025
Modification date: 02 Aug 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6052

Description

A flaw was found in how GLib’s GString manages memory when adding data
to strings. If a string is already very large, combining it with more
input can cause a hidden overflow in the size calculation. This makes
the system think it has enough memory when it doesn’t. As a result, data
may be written past the end of the allocated memory, leading to crashes
or memory corruption.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34412
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JCF4CXWHQ7T6REXQFZTU4OS54OXUZ2HW/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6052

SRPMS

9/core

• glib2.0-2.76.3-1.5.mga9