Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
Vulnerability Description
A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within other elements like <method>, <signal>, <property> or <arg>. This issue can cause an unsigned integer overflow and lead to an out-of-bounds read, resulting in a denial of service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
整数下溢(超界折返)
Vulnerability Title
GNOME GLib 数字错误漏洞
Vulnerability Description
GNOME glib是GNOME基金会开源的一个通用的、可移植的实用程序库。提供了许多有用的数据类型、宏、类型转换、字符串实用程序、文件实用程序、主循环抽象等。 GLib 2.88.1之前版本存在数字错误漏洞,该漏洞源于在g_dbus_node_info_new_for_xml()函数处理格式错误的D-Bus introspection XML时存在状态混淆问题,具体为<node>元素嵌套在<method>、<signal>、<property>或<arg>等其他元素内,可能导致无符号整数溢出并引发越界读
CVSS Information
N/A
Vulnerability Type
N/A