CVE-2023-32665

Updated: 2024-04-26 20:45:41.334773

Description:

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU glib2 2.68.4 5.5 MEDIUM In Testing 2024-05-29 06:46:55
CentOS 6 ELS glib2 2.28.8 5.5 MEDIUM Ignored 2023-09-21 05:07:14
CentOS 7 ELS glib2 2.56.1 5.5 MEDIUM Released CLSA-2023:1697135256 2023-10-12 17:08:05
CentOS 8.4 ELS glib2 2.56.4-10 5.5 MEDIUM Released CLSA-2023:1697740212 2023-10-19 21:08:34
CentOS 8.5 ELS glib2 2.56.4-156 5.5 MEDIUM Released CLSA-2023:1697740947 2023-10-19 21:08:31
CloudLinux 6 ELS glib2 2.28.8 5.5 MEDIUM Ignored 2023-09-21 05:07:14
Oracle Linux 6 ELS glib2 2.28.8 5.5 MEDIUM Ignored 2023-09-21 05:07:14
Ubuntu 16.04 ELS glib2.0 2.48.2-0 5.5 MEDIUM Released CLSA-2023:1697741722 2023-10-19 21:08:40
Ubuntu 18.04 ELS glib2.0 2.56.4-0 5.5 MEDIUM Released CLSA-2023:1697741849 2023-10-19 21:08:41