An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.
Weakness
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Glib | Gnome | * | 2.66.6 (excluding) |
| Glib | Gnome | 2.67.0 (including) | 2.67.3 (excluding) |
| Red Hat Enterprise Linux 6 Extended Lifecycle Support | RedHat | glib2-0:2.28.8-11.el6_10 | * |
| Red Hat Enterprise Linux 7 | RedHat | glib2-0:2.56.1-9.el7_9 | * |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | RedHat | glib2-0:2.42.2-6.el7_2 | * |
| Red Hat Enterprise Linux 7.3 Advanced Update Support | RedHat | glib2-0:2.46.2-5.el7_3 | * |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | RedHat | glib2-0:2.50.3-4.el7_4 | * |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | RedHat | glib2-0:2.50.3-4.el7_4 | * |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | RedHat | glib2-0:2.50.3-4.el7_4 | * |
| Red Hat Enterprise Linux 7.6 Extended Update Support | RedHat | glib2-0:2.56.1-5.el7_6 | * |
| Red Hat Enterprise Linux 7.7 Extended Update Support | RedHat | glib2-0:2.56.1-6.el7_7 | * |
| Red Hat Enterprise Linux 8 | RedHat | mingw-glib2-0:2.66.7-2.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | glib2-0:2.56.4-10.el8_4 | * |
| Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | glib2-0:2.56.4-8.el8_1 | * |
| Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | glib2-0:2.56.4-8.el8_2.1 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-controller-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-log-reader-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-must-gather-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-operator-bundle:v1.4.6-5 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-registry-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-rsync-transfer-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-ui-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-velero-plugin-for-aws-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8:v1.4.6-3 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8:v1.4.6-4 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-velero-restic-restore-helper-rhel8:v1.4.6-5 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-migration-velero-rhel8:v1.4.6-5 | * |
| Red Hat Migration Toolkit for Containers 1.4 | RedHat | rhmtc/openshift-velero-plugin-rhel8:v1.4.6-4 | * |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | RedHat | redhat-virtualization-host-0:4.3.16-20210615.0.el7_9 | * |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | RedHat | redhat-virtualization-host-0:4.4.6-20210615.0.el8_4 | * |
| Glib2.0 | Ubuntu | bionic | * |
| Glib2.0 | Ubuntu | esm-infra-legacy/trusty | * |
| Glib2.0 | Ubuntu | esm-infra/bionic | * |
| Glib2.0 | Ubuntu | esm-infra/focal | * |
| Glib2.0 | Ubuntu | esm-infra/xenial | * |
| Glib2.0 | Ubuntu | focal | * |
| Glib2.0 | Ubuntu | groovy | * |
| Glib2.0 | Ubuntu | precise/esm | * |
| Glib2.0 | Ubuntu | trusty | * |
| Glib2.0 | Ubuntu | trusty/esm | * |
| Glib2.0 | Ubuntu | upstream | * |
| Glib2.0 | Ubuntu | xenial | * |
Potential Mitigations
References
- https://gitlab.gnome.org/GNOME/glib/-/issues/2319
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/
- https://security.gentoo.org/glsa/202107-13
- https://security.netapp.com/advisory/ntap-20210319-0004/
- https://gitlab.gnome.org/GNOME/glib/-/issues/2319
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/
- https://security.gentoo.org/glsa/202107-13
- https://security.netapp.com/advisory/ntap-20210319-0004/