PT-2025-50314 · Gnome+5 · Glib2.0+5

Published

2025-01-01

Updated

2026-05-27

CVE-2025-14087

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GLib versions (affected versions not specified)

Description A flaw exists in GLib (Gnome Lib) that allows a remote attacker to cause heap corruption. This can lead to a denial of service or potential code execution through a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. The vulnerability is triggered when the GVariant parser processes specially designed strings.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2026:15953

ALSA-2026:15969

ALSA-2026:15971

ALSA-2026:19148

ALSA-2026:19361

AZL-72283

AZL-72296

BDU:2026-05069

CVE-2025-14087

DLA-4412-1

ECHO-B0A6-CDFD-D774

JLSEC-2026-488

MGASA-2026-0023

OESA-2025-2902

OPENSUSE-SU-2026:20018-1

RHSA-2026:15953

RHSA-2026:15969

RHSA-2026:15971

RHSA-2026:19148

RHSA-2026:19361

RHSA-2026:19452

RHSA-2026:19457

RHSA-2026:19459

RHSA-2026:19460

RHSA-2026:19523

RHSA-2026:19524

RHSA-2026:19565

RHSA-2026:19566

RHSA-2026:19567

RHSA-2026:7461

SUSE-SU-2025:4441-1

SUSE-SU-2025:4442-1

SUSE-SU-2025:4504-1

SUSE-SU-2026:0018-1

SUSE-SU-2026:20032-1

SUSE-SU-2026:20045-1

SUSE-SU-2026:20074-1

SUSE-SU-2026:20493-1

USN-7942-1

USN-7942-2

Affected Products

Debian

Linuxmint

Red Os

Rocky Linux

Ubuntu

Glib2.0

PT-2025-50314 · Gnome+5 · Glib2.0+5

CVE-2025-14087

Weakness Enumeration

Related Identifiers

Affected Products

References · 120