Main Vulnerability Database SB2025042833

SB2025042833 - SUSE update for glib2

Published: April 28, 2025

Security Bulletin ID SB2025042833

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Integer overflow (CVE-ID: CVE-2025-3360)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow with the g_date_time_new_from_iso8601() function when parsing a long invalid ISO 8601 timestamp. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2025/suse-su-20251367-1/

Vulnerable Software

Basesystem Module: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
glib2-tools-64bit-debuginfo: before 2.78.6-150600.4.11.1
libgthread-2_0-0-64bit: before 2.78.6-150600.4.11.1
libgio-2_0-0-64bit-debuginfo: before 2.78.6-150600.4.11.1
libglib-2_0-0-64bit: before 2.78.6-150600.4.11.1
libgio-2_0-0-64bit: before 2.78.6-150600.4.11.1
libglib-2_0-0-64bit-debuginfo: before 2.78.6-150600.4.11.1
libgobject-2_0-0-64bit: before 2.78.6-150600.4.11.1
libgmodule-2_0-0-64bit-debuginfo: before 2.78.6-150600.4.11.1
glib2-tools-64bit: before 2.78.6-150600.4.11.1
glib2-devel-64bit-debuginfo: before 2.78.6-150600.4.11.1
libgmodule-2_0-0-64bit: before 2.78.6-150600.4.11.1
glib2-devel-64bit: before 2.78.6-150600.4.11.1
libgthread-2_0-0-64bit-debuginfo: before 2.78.6-150600.4.11.1
libgobject-2_0-0-64bit-debuginfo: before 2.78.6-150600.4.11.1
glib2-devel-32bit-debuginfo: before 2.78.6-150600.4.11.1
libgio-2_0-0-32bit: before 2.78.6-150600.4.11.1
libgobject-2_0-0-32bit-debuginfo: before 2.78.6-150600.4.11.1
libgmodule-2_0-0-32bit: before 2.78.6-150600.4.11.1
libgobject-2_0-0-32bit: before 2.78.6-150600.4.11.1
libgmodule-2_0-0-32bit-debuginfo: before 2.78.6-150600.4.11.1
libgthread-2_0-0-32bit-debuginfo: before 2.78.6-150600.4.11.1
libglib-2_0-0-32bit: before 2.78.6-150600.4.11.1
glib2-tools-32bit-debuginfo: before 2.78.6-150600.4.11.1
libgthread-2_0-0-32bit: before 2.78.6-150600.4.11.1
libgio-2_0-0-32bit-debuginfo: before 2.78.6-150600.4.11.1
libglib-2_0-0-32bit-debuginfo: before 2.78.6-150600.4.11.1
glib2-tools-32bit: before 2.78.6-150600.4.11.1
glib2-devel-32bit: before 2.78.6-150600.4.11.1
glib2-doc: before 2.78.6-150600.4.11.1
libglib-2_0-0: before 2.78.6-150600.4.11.1
glib2-tools: before 2.78.6-150600.4.11.1
glib2-tests-devel: before 2.78.6-150600.4.11.1
libgobject-2_0-0: before 2.78.6-150600.4.11.1
libgthread-2_0-0: before 2.78.6-150600.4.11.1
libgobject-2_0-0-debuginfo: before 2.78.6-150600.4.11.1
libgio-2_0-0-debuginfo: before 2.78.6-150600.4.11.1
glib2-devel: before 2.78.6-150600.4.11.1
glib2-devel-static: before 2.78.6-150600.4.11.1
libglib-2_0-0-debuginfo: before 2.78.6-150600.4.11.1
libgmodule-2_0-0-debuginfo: before 2.78.6-150600.4.11.1
glib2-tests-devel-debuginfo: before 2.78.6-150600.4.11.1
libgthread-2_0-0-debuginfo: before 2.78.6-150600.4.11.1
glib2-tools-debuginfo: before 2.78.6-150600.4.11.1
glib2-debugsource: before 2.78.6-150600.4.11.1
libgio-2_0-0: before 2.78.6-150600.4.11.1
glib2-devel-debuginfo: before 2.78.6-150600.4.11.1
libgmodule-2_0-0: before 2.78.6-150600.4.11.1
glib2-lang: before 2.78.6-150600.4.11.1
gio-branding-upstream: before 2.78.6-150600.4.11.1

SB2025042833 - SUSE update for glib2

Breakdown by Severity

Description

Remediation

References

Please verify you're human