CVE-2026-0988

CVSS v3.1

3.7

Low

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions glib (affected versions not specified)

Description A flaw exists in glib due to missing validation of offset and count parameters within the g buffered input stream peek() function. This can result in an integer overflow during length calculation when provided with specifically crafted values. The overflow causes an incorrect size to be passed to memcpy(), leading to a buffer overflow. This can cause application crashes, resulting in a Denial of Service (DoS). The vulnerable function is g buffered input stream peek().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

AZL-75017

AZL-75020

BDU:2026-05068

CVE-2026-0988

ECHO-28C4-B486-37B4

MGASA-2026-0023

OESA-2026-1291

OESA-2026-1292

OESA-2026-1293

OESA-2026-1294

OPENSUSE-SU-2026:10089-1

OPENSUSE-SU-2026:20150-1

RHSA-2026:7461

SUSE-SU-2026:0264-1

SUSE-SU-2026:0266-1

SUSE-SU-2026:0286-1

SUSE-SU-2026:0458-1

SUSE-SU-2026:20210-1

SUSE-SU-2026:20221-1

SUSE-SU-2026:20446-1

SUSE-SU-2026:20493-1

USN-7971-1

Affected Products

Linuxmint

Ubuntu

Glib

CVE-2026-0988

Weakness Enumeration

Related Identifiers

Affected Products

References · 71