IM
IronMonkey Threat Research

CVE-2025-4373 MEDIUM

Published: 2025-05-06 | Last Modified: 2026-06-30 | Status: Deferred

Description

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

Additional Descriptions (1)

Se encontró una falla en GLib que causa un desbordamiento de enteros en la función g_string_insert_unichar(). Cuando la posición donde se inserta el carácter es grande, esta se desborda, lo que provoca una subscritura del búfer.

CVSS Metrics

Base Score: 4.8 (MEDIUM)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Attack VectorNETWORK
Attack ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactLOW
Availability ImpactLOW

Source: [email protected]

Type: Secondary

Exploitability Score: 2.2

Impact Score: 2.5

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-124
Notification
Message here