CVE-2025-7039— Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-7039
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Vulnerability Title
glib 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
glib是GNOME项目的一个通用的、可移植的实用程序库。提供了许多有用的数据类型、宏、类型转换、字符串实用程序、文件实用程序、主循环抽象等。 glib存在路径遍历漏洞,该漏洞源于临时文件创建时整数溢出导致越界内存访问,可能允许攻击者通过创建符号链接执行路径遍历或访问私有临时文件内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 6 | - | cpe:/o:redhat:enterprise_linux:6 | |
| Red Hat | Red Hat Enterprise Linux 7 | - | cpe:/o:redhat:enterprise_linux:7 | |
| Red Hat | Red Hat Enterprise Linux 8 | - | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 8 | - | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 8 | - | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 |
II. Public POCs for CVE-2025-7039
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-7039
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: Red Hat Enterprise Linux 10
- CVE-2026-42011
Gnutls: gnutls: security bypass due to incorrect name constr - CVE-2026-42010
Gnutls: gnutls: authentication bypass via nul character in u - CVE-2026-6420
Keylime: keylime: security bypass due to hardcoded tpm quote - CVE-2026-34002
Xorg: xwayland: x.org x server: information disclosure or de - CVE-2026-34000
Xwayland: xorg: x.org x server: information disclosure and d
Same vendor: Red Hat
- CVE-2026-42011
Gnutls: gnutls: security bypass due to incorrect name constr - CVE-2026-42010
Gnutls: gnutls: authentication bypass via nul character in u - CVE-2026-6420
Keylime: keylime: security bypass due to hardcoded tpm quote - CVE-2026-34956
Openvswitch: open vswitch: denial of service via malformed f - CVE-2026-34002
Xorg: xwayland: x.org x server: information disclosure or de
Same weakness: CWE-22
- CVE-2026-8274
npitre cramfs-tools Directory cramfsck.c do_directory path t - CVE-2022-50956
WordPress Plugin amministrazione-aperta 3.7.3 Local File Rea - CVE-2026-8215
Industrial Application Software IAS Canias ERP RMI iasReques - CVE-2026-42605
AzuraCast: Path Traversal in `currentDirectory` Parameter En - CVE-2026-42574
apko dirFS has a symlink-following path traversal that allow
V. Comments for CVE-2025-7039
No comments yet