Medium severity 4.8 · NVD Advisory · Published May 6, 2025 · Updated May 12, 2026
CVE-2025-4373
Description
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
Affected products (19)
osv-coords, 18 versions:
- pkg:rpm/almalinux/glib2 (no CPE), range: < 2.68.4-16.el9_6.2
- pkg:rpm/almalinux/glib2-devel (no CPE), range: < 2.68.4-16.el9_6.2
- pkg:rpm/almalinux/glib2-doc (no CPE), range: < 2.68.4-16.el9_6.2
- pkg:rpm/almalinux/glib2-fam (no CPE), range: < 2.56.4-166.el8_10
- pkg:rpm/almalinux/glib2-static (no CPE), range: < 2.68.4-16.el9_6.2
- pkg:rpm/almalinux/glib2-tests (no CPE), range: < 2.68.4-16.el9_6.2
- pkg:rpm/opensuse/glib2&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 2.78.6-150600.4.16.1
- pkg:rpm/opensuse/glib2-doc&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 2.78.6-150600.4.16.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 (no CPE), range: < 2.62.6-150200.3.30.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 (no CPE), range: < 2.62.6-150200.3.30.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 (no CPE), range: < 2.70.5-150400.3.23.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 (no CPE), range: < 2.70.5-150400.3.23.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 (no CPE), range: < 2.70.5-150400.3.23.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 (no CPE), range: < 2.78.6-150600.4.16.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 (no CPE), range: < 2.78.6-150600.4.16.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 (no CPE), range: < 2.48.2-12.46.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Micro%206.0 (no CPE), range: < 2.76.2-9.1
- pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Micro%206.1 (no CPE), range: < 2.78.6-slfo.1.1_3.1
References (17)
- access.redhat.com/errata/RHSA-2025:10855 (nvd)
- access.redhat.com/errata/RHSA-2025:11140 (nvd)
- access.redhat.com/errata/RHSA-2025:11327 (nvd)
- access.redhat.com/errata/RHSA-2025:11373 (nvd)
- access.redhat.com/errata/RHSA-2025:11374 (nvd)
- access.redhat.com/errata/RHSA-2025:11662 (nvd)
- access.redhat.com/errata/RHSA-2025:12275 (nvd)
- access.redhat.com/errata/RHSA-2025:13335 (nvd)
- access.redhat.com/errata/RHSA-2025:14988 (nvd)
- access.redhat.com/errata/RHSA-2025:14989 (nvd)
- access.redhat.com/errata/RHSA-2025:14990 (nvd)
- access.redhat.com/errata/RHSA-2025:14991 (nvd)
- access.redhat.com/security/cve/CVE-2025-4373 (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)
- cert-portal.siemens.com/productcert/html/ssa-082556.html (nvd)
- cert-portal.siemens.com/productcert/html/ssa-089022.html (nvd)
- gitlab.gnome.org/GNOME/glib/-/issues/3677 (nvd)