发布时间: 2023年6月9日
修改时间: 2023年6月9日
GLib s GVariant deserialization prior to GLib 2.74.4 is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.References:https://gitlab.gnome.org/GNOME/glib/-/issues/2121
| NVD | openEuler | |
|---|---|---|
| Confidentiality | ||
| Attack Vector | ||
| CVSS评分 | 6.5 | |
| Attack Complexity | ||
| Privileges Required | ||
| Scope | ||
| Integrity | ||
| User Interaction | ||
| Availability |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2023-1406 | GLib s GVariant deserialization prior to GLib 2.74.4 is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.References:https://gitlab.gnome.org/GNOME/glib/-/issues/2121 | 2023年6月9日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | glib2 | Unaffected |
| KY3.4-5A | glib2 | Unaffected |
| KY3.5.1 | glib2 | Unaffected |
| KY3.5.2 | glib2 | Unaffected |
