A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-09-14T19:19:21.874Z
Updated: 2024-08-02T15:25:36.370Z
Reserved: 2023-05-30T11:48:42.112Z
Link: CVE-2023-32636
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-14T20:15:09.653
Modified: 2024-01-12T22:09:56.247
Link: CVE-2023-32636
Redhat