#VU100566 Off-by-one in Gnome GLib - CVE-2024-52533


Vulnerability identifier: #VU100566

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-52533

CWE-ID: CWE-193

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Gnome GLib
Universal components / Libraries / Libraries used by multiple products

Vendor: Gnome Development Team

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Gnome GLib: 2.0 - 2.82.0

External links
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
https://gitlab.gnome.org/GNOME/glib/-/issues/3461
https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Dell VxRail Appliance 8.x update for third-party components
Multiple vulnerabilities in Dell VxRail Appliance 7.x
Multiple vulnerabilities in Dell VxRail Appliance
Dell SmartFabric Manager update for third-party components
Red Hat Enterprise Linux 9 update for mingw-glib2
Multiple vulnerabilities in IBM App Connect Enterprise Certified Container
Multiple vulnerabilities in Dell OpenManage Network Integration (OMNI)
SUSE update for glib2
SUSE update for glib2
SUSE update for glib2