CVE-2018-16429 — Out-of-bounds Read in Glib

CWE-125 — Out-of-bounds Read14 documents8 sources

Severity

7.5HIGHNVD

OSV9.8

EPSS

0.4%

top 42.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Gnome Glib

Timeline

PublishedSep 4

Latest updateMay 13

Description

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDgnome/glib2.56.1

Also affects: Ubuntu Linux 12.04, 14.04, 16.04, 18.04

Patches

Patch: gitlab.gnome.org ↗Patch: gitlab.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-x96r-v34q-q4vv: GNOME GLib 2↗2022-05-13

▶

OSV

glib2.0 vulnerabilities↗2018-09-19

▶

OSV

CVE-2018-16429: GNOME GLib 2↗2018-09-04

▶

CVEList

CVE-2018-16429: GNOME GLib 2↗2018-09-04

▶

📋Vendor Advisories

Ubuntu

GLib vulnerabilities↗2018-09-19

▶

Ubuntu

GLib vulnerabilities↗2018-09-19

▶

Red Hat

glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c↗2018-09-04

▶

Debian

CVE-2018-16429: glib2.0 - GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_cont...↗2018

▶

💬Community

Bugzilla

CVE-2018-16429 thunderbird: glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c [fedora-all]↗2018-09-06

▶

Bugzilla

CVE-2018-16429 glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c [fedora-all]↗2018-09-06

▶

Bugzilla

CVE-2018-16429 firefox: glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c [fedora-all]↗2018-09-06

▶

Bugzilla

CVE-2018-16429 chromium: glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c [fedora-all]↗2018-09-06

▶

Bugzilla

CVE-2018-16429 glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c↗2018-09-06

▶