CVE Vulnerabilities

CVE-2025-4373

Buffer Underwrite ('Buffer Underflow')

Published: May 06, 2025 | Modified: Sep 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
4.8 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Ubuntu
MEDIUM

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

Weakness

The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.

Affected Software

Name Vendor Start Version End Version
Red Hat Enterprise Linux 10 RedHat glib2-0:2.80.4-4.el10_0.6 *
Red Hat Enterprise Linux 8 RedHat glib2-0:2.56.4-166.el8_10 *
Red Hat Enterprise Linux 8.2 Advanced Update Support RedHat glib2-0:2.56.4-8.el8_2.2 *
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support RedHat glib2-0:2.56.4-10.el8_4.2 *
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On RedHat glib2-0:2.56.4-10.el8_4.2 *
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support RedHat glib2-0:2.56.4-158.el8_6.2 *
Red Hat Enterprise Linux 8.6 Telecommunications Update Service RedHat glib2-0:2.56.4-158.el8_6.2 *
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions RedHat glib2-0:2.56.4-158.el8_6.2 *
Red Hat Enterprise Linux 8.8 Telecommunications Update Service RedHat glib2-0:2.56.4-162.el8_8 *
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions RedHat glib2-0:2.56.4-162.el8_8 *
Red Hat Enterprise Linux 9 RedHat glib2-0:2.68.4-16.el9_6.2 *
Red Hat Enterprise Linux 9 RedHat glib2-0:2.68.4-16.el9_6.2 *
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions RedHat glib2-0:2.68.4-5.el9_0.2 *
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions RedHat glib2-0:2.68.4-7.el9_2.2 *
Red Hat Enterprise Linux 9.4 Extended Update Support RedHat glib2-0:2.68.4-14.el9_4.3 *
Red Hat Insights proxy 1.5 RedHat registry.redhat.io/insights-proxy/insights-proxy-container-rhel9:sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-agent-rhel8:sha256:389b9cbd0f05d3d773edc2c06aa73818307cbb25048bddf4f192a992670b6fb4 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8:sha256:3b00e2fec645e140fa304e5823bcb1d0fcd1ddac7f4cbf6e9a9c0fbeaf29682d *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-collector-rhel8:sha256:addf7b49ce99777a3bbf12c2e6678b604f3cfaf91feaaeb4192d75e902e46458 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8:sha256:3d98512aaa924e0e1c9f3b5ab6b405cb4f4a3f3b5225aefa54f1b2abfbe3d769 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8:sha256:b91fe4769ad1e0cf809e3db4d494a5526608b2fa2114fc5e28624372858bb203 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-ingester-rhel8:sha256:2e6d535aa3208ca8ae1bc588393c8bc499c4bfb452aceca047523502ddffa0ed *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-operator-bundle:sha256:be3feca3b19ac609e5ef829887b6d03ca3c504163ed0f9e10b2410cdfb175b72 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:201d1bd33f7e22c463aaf94b4f84e4610f129affd8a96efb8722aabfbc612bfd *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/jaeger-rhel8-operator:sha256:8d7c966e19b03dc4b7f123c9f4096ed4267be5596d08958f4c75a88b3bc541da *
Glib2.0 Ubuntu esm-infra/focal *
Glib2.0 Ubuntu focal *
Glib2.0 Ubuntu jammy *
Glib2.0 Ubuntu noble *
Glib2.0 Ubuntu oracular *
Glib2.0 Ubuntu plucky *
Glib2.0 Ubuntu upstream *

Potential Mitigations

References