Mageia 9 Advisory MGASA-2026-0023 glib2.0 Moderate DoS CVE-2025-3360
mageia
January 28, 2026
MGASA-2026-0023 - Updated glib2.0 packages fix security vulnerabilities
Summary
Description:
Glib prior to 2.82.5 is vulnerable to integer overflow and buffer
under-read when parsing a very long invalid iso 8601 timestamp with
g_date_time_new_from_iso8601(). (CVE-2025-3360)
Buffer under-read on glib through glib/gfileutils.c via get_tmp_file().
(CVE-2025-7039)
Integer overflow in in g_escape_uri_string(). (CVE-2025-13601)
Buffer underflow in gvariant parser leads to heap corruption.
(CVE-2025-14087)
Integer overflow in glib gio attribute escaping causes heap buffer
overflow. (CVE-2025-14512)
Denial of service via integer overflow in
g_buffered_input_stream_peek(). (CVE-2026-0988)
References
- https://bugs.mageia.org/show_bug.cgi?id=35052
- https://ubuntu.com/security/notices/USN-7971-1
- https://www.cve.org/CVERecord?id=CVE-2025-3360
- https://www.cve.org/CVERecord?id=CVE-2025-7039
- https://www.cve.org/CVERecord?id=CVE-2025-13601
- https://www.cve.org/CVERecord?id=CVE-2025-14087
- https://www.cve.org/CVERecord?id=CVE-2025-14512
- https://www.cve.org/CVERecord?id=CVE-2026-0988
Resolution
SRPMS
- 9/core/glib2.0-2.76.3-1.6.mga9
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 28 Jan 2026
URL: https://advisories.mageia.org/MGASA-2026-0023.html
Type: security
CVE: CVE-2025-3360, CVE-2025-7039, CVE-2025-13601, CVE-2025-14087, CVE-2025-14512, CVE-2026-0988
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!