A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.
References
| Link | Resource |
|---|---|
| https://access.redhat.com/security/cve/CVE-2023-32665 | Third Party Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=2211827 | Issue Tracking Third Party Advisory |
| https://gitlab.gnome.org/GNOME/glib/-/issues/2121 | Vendor Advisory |
| https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html | |
| https://security.gentoo.org/glsa/202311-18 | |
| https://security.netapp.com/advisory/ntap-20240426-0006/ |
Configurations
History
26 Apr 2024, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
27 Nov 2023, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
25 Sep 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
19 Sep 2023, 20:06
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-502 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| First Time |
Gnome glib
Gnome |
|
| CPE | cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:* | |
| References | (MISC) https://gitlab.gnome.org/GNOME/glib/-/issues/2121 - Vendor Advisory | |
| References | (MISC) https://access.redhat.com/security/cve/CVE-2023-32665 - Third Party Advisory | |
| References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2211827 - Issue Tracking, Third Party Advisory |
15 Sep 2023, 00:31
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-14 20:15
Updated : 2024-04-26 09:15
NVD link : CVE-2023-32665
Mitre link : CVE-2023-32665
CVE.ORG link : CVE-2023-32665
JSON object : View
Products Affected
gnome
- glib