正文

GNOME Glib 缓冲区错误漏洞

admin
admin V管理员 /0 评论 /11 阅读
0304
此篇文章发布距今已超过1167天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

GNOME Glib 缓冲区错误漏洞

  • CNNVD编号:CNNVD-202102-1182
    • <!--
  • 危害等级: 高危-->
  • 危害等级: 高危
  • CVE编号: CVE-2021-27218
  • 漏洞类型: 缓冲区错误
  • 发布时间: 2021-02-15
  • 威胁类型: 远程
  • 更新时间: 2021-12-01
  • 厂        商:
  • 漏洞来源: Ubuntu

漏洞简介

GNOME Glib是一套用于创建图形用户界面的多平台工具包,是GTK+和GNOME工程的基础底层核心程序库。

GNOME GLib中存在缓冲区错误漏洞,该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944

参考网址

来源:MLIST

链接:https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20210319-0004/

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/

来源:MISC

链接:https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942

来源:GENTOO

链接:https://security.gentoo.org/glsa/202107-13

来源:MISC

链接:https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944

来源:MLIST

链接:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0818

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0917

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164192/Red-Hat-Security-Advisory-2021-3556-01.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021111130

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3427

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0994

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0896

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2897

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3744

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2959

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164028/Red-Hat-Security-Advisory-2021-3262-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163806/Red-Hat-Security-Advisory-2021-3146-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2736

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/GNOME-Glib-integer-overflow-via-g-byte-array-new-take-34775

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163426/Gentoo-Linux-Security-Advisory-202107-13.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021090126

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3015

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021092209

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021070711

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164223/Red-Hat-Security-Advisory-2021-3598-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164511/Red-Hat-Security-Advisory-2021-3851-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2722

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164076/Red-Hat-Security-Advisory-2021-3454-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161714/Ubuntu-Security-Notice-USN-4759-1.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163771/Red-Hat-Security-Advisory-2021-3058-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/165099/Red-Hat-Security-Advisory-2021-4848-07.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3168

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164856/Red-Hat-Security-Advisory-2021-4526-03.html

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6518308

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021101001

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-27218

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3141

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163957/Red-Hat-Security-Advisory-2021-3361-01.html

受影响实体

    暂无


补丁

  • GNOME Glib 缓冲区错误漏洞的修复措施
    <!--
    2021-2-15
    -->