Vulnerability Description
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2025:10855
- https://access.redhat.com/errata/RHSA-2025:11140
- https://access.redhat.com/errata/RHSA-2025:11327
- https://access.redhat.com/errata/RHSA-2025:11373
- https://access.redhat.com/errata/RHSA-2025:11374
- https://access.redhat.com/errata/RHSA-2025:11662
- https://access.redhat.com/errata/RHSA-2025:12275
- https://access.redhat.com/errata/RHSA-2025:13335
- https://access.redhat.com/errata/RHSA-2025:14988
- https://access.redhat.com/errata/RHSA-2025:14989
- https://access.redhat.com/errata/RHSA-2025:14990
- https://access.redhat.com/errata/RHSA-2025:14991
- https://access.redhat.com/security/cve/CVE-2025-4373
- https://bugzilla.redhat.com/show_bug.cgi?id=2364265
- https://gitlab.gnome.org/GNOME/glib/-/issues/3677
FAQ
What is CVE-2025-4373?
CVE-2025-4373 is a vulnerability with a CVSS score of 4.8 (MEDIUM). A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow,...
How severe is CVE-2025-4373?
CVE-2025-4373 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-4373?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.