AZL-75017

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75017.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-75017

Upstream

CVE-2026-0988

Published

2026-01-21T12:15:55Z

Modified

2026-04-21T04:38:49.703317Z

Summary

CVE-2026-0988 affecting package glib 2.78.6-8

Details

A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).

References

https://nvd.nist.gov/vuln/detail/CVE-2026-0988

Affected packages

Azure Linux:3 / glib

Package

Name: glib
Purl: pkg:rpm/azure-linux/glib

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2.78.6-8

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75017.json"