A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Enterprise Linux 10 | RedHat | glib2-0:2.80.4-4.el10_0.6 | * |
Red Hat Enterprise Linux 8 | RedHat | glib2-0:2.56.4-166.el8_10 | * |
Red Hat Enterprise Linux 9 | RedHat | glib2-0:2.68.4-16.el9_6.2 | * |
Red Hat Enterprise Linux 9 | RedHat | glib2-0:2.68.4-16.el9_6.2 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | glib2-0:2.68.4-5.el9_0.2 | * |
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | glib2-0:2.68.4-7.el9_2.2 | * |
Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | glib2-0:2.68.4-14.el9_4.3 | * |
Red Hat Insights proxy 1.5 | RedHat | registry.redhat.io/insights-proxy/insights-proxy-container-rhel9:sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-agent-rhel8:sha256:389b9cbd0f05d3d773edc2c06aa73818307cbb25048bddf4f192a992670b6fb4 | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8:sha256:3b00e2fec645e140fa304e5823bcb1d0fcd1ddac7f4cbf6e9a9c0fbeaf29682d | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-collector-rhel8:sha256:addf7b49ce99777a3bbf12c2e6678b604f3cfaf91feaaeb4192d75e902e46458 | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8:sha256:caadc05a8195f41d48d502458183cef05a1011c6edee343ac212b873ae98c763 | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8:sha256:1c4617b035c66b6b34e9b19f618f72a19da5fce644d79e24eb262f14c848bc81 | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-ingester-rhel8:sha256:2e6d535aa3208ca8ae1bc588393c8bc499c4bfb452aceca047523502ddffa0ed | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-operator-bundle:sha256:be3feca3b19ac609e5ef829887b6d03ca3c504163ed0f9e10b2410cdfb175b72 | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:8fce6e29d98acc1dd0a832cdb5c913af3edd65b81b2968fbdbf8ab434d82fe1e | * |
Red Hat OpenShift distributed tracing 3.6.1 | RedHat | registry.redhat.io/rhosdt/jaeger-rhel8-operator:sha256:8d7c966e19b03dc4b7f123c9f4096ed4267be5596d08958f4c75a88b3bc541da | * |
Glib2.0 | Ubuntu | focal | * |
Glib2.0 | Ubuntu | jammy | * |
Glib2.0 | Ubuntu | noble | * |
Glib2.0 | Ubuntu | oracular | * |
Glib2.0 | Ubuntu | plucky | * |
Glib2.0 | Ubuntu | upstream | * |