CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-4373: Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar

Description

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

Classification

CVE ID: CVE-2025-4373

Problem Types

Buffer Underwrite ('Buffer Underflow')

Affected Products

Vendor: Red Hat

Product: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 15.8% (scored less or equal to compared to others)

EPSS Date: 2025-06-04 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-4373
https://access.redhat.com/security/cve/CVE-2025-4373
https://bugzilla.redhat.com/show_bug.cgi?id=2364265

Timeline

2025-05-06 15:40:26 UTC
CVE

Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar