On Thu, 08 May 2025 at 21:28:38 +0200, Salvatore Bonaccorso wrote:
> The following vulnerability was published for glib2.0.
>
> CVE-2025-4373[0]:
> | A flaw was found in GLib, which is vulnerable to an integer overflow
> | in the g_string_insert_unichar() function. When the position at
> | which to insert the character is large, the position will overflow,
> | leading to a buffer underwrite.
If I'm reading correctly, this can only happen if the string length is
around 2GB in 32-bit processes, or extremely large (half the address
space) in 64-bit processes, such that a gssize (same type as ssize_t)
would reach a signed overflow and wrap around?
If that assessment is correct, then this doesn't seem like an urgent
problem to fix, or particularly likely to be exploited in practice.
smcv
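The arithmetic behind the "around 2GB in 32-bit processes" estimate above, as an added example for this thread. This is not GLib's code: the exact expression that overflows inside g_string_insert_unichar() is not stated on the page, so the unchecked `pos + charlen` pattern modelled here is an assumption. gssize is modelled as int32_t to stand in for a 32-bit process; the same reasoning with int64_t gives the "half the address space" figure for 64-bit.

```c
#include <stdint.h>
#include <limits.h>
#include <stdio.h>

/* Model of the gssize arithmetic discussed in the thread, written for
 * this reply; it is not GLib's g_string_insert_unichar(), and the exact
 * expression that overflows in GLib is an assumption here.
 * gssize is the signed counterpart of gsize (same width as ssize_t); a
 * 32-bit process is modelled with int32_t so the wrap can be shown
 * without allocating 2 GB. */
typedef int32_t gssize32;

/* Reinterpret an unsigned 32-bit value as two's-complement signed
 * without relying on implementation-defined narrowing. */
static gssize32 to_signed32(uint32_t u)
{
    if (u <= (uint32_t)INT32_MAX)
        return (gssize32)u;
    return (gssize32)((int64_t)u - 4294967296LL);
}

/* Signed add that wraps instead of invoking undefined behaviour,
 * mirroring what the generated code does on two's-complement CPUs. */
static gssize32 wrapping_add32(gssize32 a, gssize32 b)
{
    return to_signed32((uint32_t)a + (uint32_t)b);
}

/* Unchecked pattern (assumed): the insertion point plus the encoded
 * character length, as used to address str + pos + charlen. Once pos
 * is within charlen of INT32_MAX, the result wraps negative and the
 * following write lands before the start of the buffer (underwrite). */
static gssize32 unchecked_insert_offset(gssize32 pos, int charlen)
{
    return wrapping_add32(pos, (gssize32)charlen);
}

/* Smallest pos at which the unchecked sum wraps for a given charlen:
 * INT32_MAX - charlen + 1, i.e. roughly 2 GiB into the string, which
 * is why a 32-bit process needs a ~2 GB string to reach the bug. */
static uint32_t min_wrapping_pos(int charlen)
{
    return (uint32_t)INT32_MAX - (uint32_t)charlen + 1u;
}

/* Checked version: a negative pos means "append"; otherwise pos must
 * not exceed the current length, and growing the string must not wrap
 * the unsigned size. Returns the new offset, or -1 if rejected. */
static int64_t checked_insert_offset(uint32_t len, gssize32 pos, int charlen)
{
    uint32_t upos = pos < 0 ? len : (uint32_t)pos;

    if (upos > len)
        return -1;                       /* insert point past the end */
    if (len > UINT32_MAX - (uint32_t)charlen)
        return -1;                       /* len + charlen would wrap */
    return (int64_t)upos + charlen;      /* upos <= len, so this cannot wrap */
}

int main(void)
{
    uint32_t edge = min_wrapping_pos(4);

    printf("unchecked: pos %u (0x%08x) + 4-byte char -> offset %d\n",
           edge, edge, unchecked_insert_offset((gssize32)edge, 4));
    printf("unchecked: one byte earlier -> offset %d\n",
           unchecked_insert_offset((gssize32)(edge - 1), 4));
    printf("checked:   len=%u pos=%u -> %lld\n", edge, edge,
           (long long)checked_insert_offset(edge, (gssize32)edge, 4));
    printf("checked:   len=100 pos=200 -> %lld (rejected)\n",
           (long long)checked_insert_offset(100, 200, 4));
    return 0;
}
```

The first printf shows the offset going negative exactly at 2147483644 for a 4-byte UTF-8 sequence, one byte short of INT32_MAX, so a 32-bit process must already hold a string of about 2 GiB before the insert position can wrap; the checked variant works in the unsigned width and rejects any position beyond the current length instead.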