Explore top 10 tips to secure your open-source projects now. Read More
×Several security issues were fixed in GLib.. ========================================================================== Ubuntu Security Notice USN-7942-2 February 10, 2026 glib2.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in GLib. Software Description: - glib2.0: GLib library of C routines Details: USN-7942-1 fixed vulnerabilities in GLib. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2025-3360 only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-13601) It was discovered that GLib incorrectly parsed certain GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-14087) It was discovered that GLib incorrectly parsed certain long invalid ISO 8601 timestamps. An attacker could possibly use this issue to cause GLib to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-3360) It was discovered that GLib incorrectly handled GString memory operations. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.04. (CVE-2025-6052) It was discovered that GLib incorrectly handled creating temporary files. An attacker could possibly use this issue to access unauthorized data. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.04.(CVE-2025-7039) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS libglib2.0-0 2.64.6-1~ubuntu20.04.9+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libglib2.0-0 2.56.4-0ubuntu0.18.04.9+esm5 Available with Ubuntu Pro Ubuntu 16.04 LTS libglib2.0-0 2.48.2-0ubuntu4.8+esm5 Available with Ubuntu Pro Ubuntu 14.04 LTS libglib2.0-0 2.40.2-0ubuntu1.1+esm7 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7942-2 https://ubuntu.com/security/notices/USN-7942-1 CVE-2025-13601, CVE-2025-14087, CVE-2025-3360, CVE-2025-7039 . Multiple security issues were fixed in GLib across several Ubuntu releases, addressing crucial exploits.. Ubuntu updates, GLib vulnerabilities, Linux security patches. . LinuxSecurity.com Team
GLib could be made to crash or run programs if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-7971-1 January 21, 2026 glib2.0 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: GLib could be made to crash or run programs if it received specially crafted input. Software Description: - glib2.0: GLib library of C routines Details: It was discovered that GLib incorrectly handled the buffered input stream API. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libglib2.0-0t64 2.86.0-2ubuntu0.2 libglib2.0-bin 2.86.0-2ubuntu0.2 Ubuntu 24.04 LTS libglib2.0-0t64 2.80.0-6ubuntu3.7 libglib2.0-bin 2.80.0-6ubuntu3.7 Ubuntu 22.04 LTS libglib2.0-0 2.72.4-0ubuntu2.8 libglib2.0-bin 2.72.4-0ubuntu2.8 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7971-1 CVE-2026-0988 Package Information: https://launchpad.net/ubuntu/+source/glib2.0/2.80.0-6ubuntu3.7 https://launchpad.net/ubuntu/+source/glib2.0/2.72.4-0ubuntu2.8 . GLib on Ubuntu could crash or run unauthorized programs from crafted input. Immediate updates recommended.. GLib Security Update, Ubuntu GLib Advisory, Denial of Service GLib, GLib Code Execution Risk. . LinuxSecurity.com Team
Several security issues were fixed in GLib.. ========================================================================== Ubuntu Security Notice USN-7942-1 January 06, 2026 glib2.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in GLib. Software Description: - glib2.0: GLib library of C routines Details: It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-13601) It was discovered that GLib incorrectly parsed certain GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-14087) It was discovered that GLib incorrectly parsed certain long invalid ISO 8601 timestamps. An attacker could possibly use this issue to cause GLib to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-3360) It was discovered that GLib incorrectly handled GString memory operations. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.04. (CVE-2025-6052) It was discovered that GLib incorrectly handled creating temporary files. An attacker could possibly use this issue to access unauthorized data. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.04. (CVE-2025-7039) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libglib2.0-0t64 2.86.0-2ubuntu0.1 libglib2.0-bin 2.86.0-2ubuntu0.1 Ubuntu 25.04 libglib2.0-0t64 2.84.1-1ubuntu0.2 libglib2.0-bin 2.84.1-1ubuntu0.2 Ubuntu 24.04 LTS libglib2.0-0t64 2.80.0-6ubuntu3.6 libglib2.0-bin 2.80.0-6ubuntu3.6 Ubuntu 22.04 LTS libglib2.0-0 2.72.4-0ubuntu2.7 libglib2.0-bin 2.72.4-0ubuntu2.7 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7942-1 CVE-2025-13601, CVE-2025-14087, CVE-2025-3360, CVE-2025-6052, CVE-2025-7039 Package Information: https://launchpad.net/ubuntu/+source/glib2.0/2.86.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/glib2.0/2.84.1-1ubuntu0.2 https://launchpad.net/ubuntu/+source/glib2.0/2.80.0-6ubuntu3.6 https://launchpad.net/ubuntu/+source/glib2.0/2.72.4-0ubuntu2.7 . Several security issues addressed in GLib for Ubuntu including critical risks and potential code execution.. GLib, Ubuntu, security advisory, denial of service, code execution. . LinuxSecurity.com Team
A flaw was found in how GLibâs GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesnât. As a result, data may be written past the end of the allocated memory, leading to crashes . MGASA-2025-0216 - Updated glib2.0 packages fix security vulnerability Publication date: 02 Aug 2025 URL: https://advisories.mageia.org/MGASA-2025-0216.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-6052 A flaw was found in how GLibâs GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesnât. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption. References: - https://bugs.mageia.org/show_bug.cgi?id=34412 - - https://www.cve.org/CVERecord?id=CVE-2025-6052 SRPMS: - 9/core/glib2.0-2.76.3-1.5.mga9 . A critical heap overflow vulnerability in Mageia's GLib could result in severe data loss and application failure. Please implement the update without delay.. memory management, GLib security, Mageia updates, overflow issues. . LinuxSecurity.com Team
Buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar. (CVE-2025-4373) References: - https://bugs.mageia.org/show_bug.cgi?id=34310 . MGASA-2025-0173 - Updated glib2.0 packages fix security vulnerability Publication date: 31 May 2025 URL: https://advisories.mageia.org/MGASA-2025-0173.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-4373 Buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar. (CVE-2025-4373) References: - https://bugs.mageia.org/show_bug.cgi?id=34310 - https://ubuntu.com/security/notices/USN-7532-1 - https://www.cve.org/CVERecord?id=CVE-2025-4373 SRPMS: - 9/core/glib2.0-2.76.3-1.4.mga9 . Debian 2023-0546 resolves a significant buffer overflow vulnerability in libxml2 impacting release 13 alongside a security patch.. Mageia glib security patch, glib2.0 buffer underflow, Mageia 9 software update. . LinuxSecurity.com Team
GLib could be made to crash or execute arbitrary code if it received a specially crafted input.. ========================================================================== Ubuntu Security Notice USN-7532-1 May 26, 2025 glib2.0 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: GLib could be made to crash or execute arbitrary code if it received a specially crafted input. Software Description: - glib2.0: GLib library of C routines Details: It was discovered that Glib incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libglib2.0-0t64 2.84.1-1ubuntu0.1 libglib2.0-bin 2.84.1-1ubuntu0.1 Ubuntu 24.10 libglib2.0-0t64 2.82.1-0ubuntu1.1 libglib2.0-bin 2.82.1-0ubuntu1.1 Ubuntu 24.04 LTS libglib2.0-0t64 2.80.0-6ubuntu3.4 libglib2.0-bin 2.80.0-6ubuntu3.4 Ubuntu 22.04 LTS libglib2.0-0 2.72.4-0ubuntu2.5 libglib2.0-bin 2.72.4-0ubuntu2.5 Ubuntu 20.04 LTS libglib2.0-0 2.64.6-1~ubuntu20.04.9 libglib2.0-bin 2.64.6-1~ubuntu20.04.9 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7532-1 CVE-2025-4373 Package Information: https://launchpad.net/ubuntu/+source/glib2.0/2.84.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/glib2.0/2.82.1-0ubuntu1.1 https://launchpad.net/ubuntu/+source/glib2.0/2.80.0-6ubuntu3.4 https://launchpad.net/ubuntu/+source/glib2.0/2.72.4-0ubuntu2.5 https://launchpad.net/ubuntu/+source/glib2.0/2.64.6-1~ubuntu20.04.9 . A GLibflaw in Ubuntu could lead to crashes or arbitrary code execution with specially designed inputs. Patches are released for vulnerable versions.. Ubuntu GLib vulnerability, arbitrary code execution, input handling flaw. . LinuxSecurity.com Team
Buffer overflow in socks proxy code in glib < 2.82.1. (CVE-2024-52533) References: - https://bugs.mageia.org/show_bug.cgi?id=33766 - https://www.openwall.com/lists/oss-security/2024/11/12/11 . MGASA-2024-0386 - Updated glib2.0 packages fix security vulnerability Publication date: 02 Dec 2024 URL: https://advisories.mageia.org/MGASA-2024-0386.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-52533 Buffer overflow in socks proxy code in glib < 2.82.1. (CVE-2024-52533) References: - https://bugs.mageia.org/show_bug.cgi?id=33766 - https://www.openwall.com/lists/oss-security/2024/11/12/11 - https://www.cve.org/CVERecord?id=CVE-2024-52533 SRPMS: - 9/core/glib2.0-2.76.3-1.3.mga9 . Mageia security bulletin addressing glib2.0 buffer overflow released on December 2, 2024, outlines upcoming updates and remediation steps.. glib update, Mageia security, buffer overflow fix. . LinuxSecurity.com Team
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having . MGASA-2024-0311 - Updated glib2.0 packages fix security vulnerability Publication date: 25 Sep 2024 URL: https://advisories.mageia.org/MGASA-2024-0311.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-34397 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. (CVE-2024-34397) References: - https://bugs.mageia.org/show_bug.cgi?id=33198 - https://www.openwall.com/lists/oss-security/2024/05/07/5 - https://ubuntu.com/security/notices/USN-6768-1 - - https://www.cve.org/CVERecord?id=CVE-2024-34397 SRPMS: - 9/core/glib2.0-2.76.3-1.2.mga9 . Revised glib2.0 versions from Mageia resolve a critical vulnerability related to D-Bus signal impersonation.. glib2.0 updates, Mageia security advisory, GNOME security issues. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.