Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

SUSE glibc3 Significant Memory Leak Resolution 2025-30567-2

suse
Calendar Grey February 27, 2026
Dist Suse Esm H88
Seven vulnerabilities in glib2 addressed in an important update for SUSE Linux users, enhancing overall system integrity.
An update that solves seven vulnerabilities can now be installed.

Summary

## This update for glib2 fixes the following issues: * CVE-2025-13601: Fixed integer overflow in in g_escape_uri_string() (bsc#1254297). * CVE-2025-14087: Fixed buffer underflow in GVariant parser leads to heap corruption (bsc#1254662). * CVE-2025-14512: Fixed integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow (bsc#1254878). * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).

References

* bsc#1254297

* bsc#1254662

* bsc#1254878

* bsc#1257049

* bsc#1257353

* bsc#1257354

* bsc#1257355

Cross-

* CVE-2025-13601

* CVE-2025-14087

* CVE-2025-14512

* CVE-2026-0988

* CVE-2026-1484

* CVE-2026-1485

* CVE-2026-1489

CVSS scores:

* CVE-2025-13601 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-13601 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-14087 ( SUSE ): 6.9

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-14087 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-14087 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-14087 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-14512 ( SUSE ): 6.9

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20493-1
Release Date: 2026-02-17T09:46:35Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.