UBUNTU-CVE-2026-0988
- Source
- https://ubuntu.com/security/CVE-2026-0988
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-0988.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-0988
- Upstream
- Downstream
- Related
- Published
- 2026-01-16T00:00:00Z
- Modified
- 2026-05-20T16:24:07.700088389Z
- Severity
-
- 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).
- References
Affected packages
Ubuntu:22.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.72.4-0ubuntu2.8
Affected versions
2.*
2.68.4-1ubuntu1
2.70.1-1
2.70.2-1
2.71.0-2
2.71.1-1
2.71.2-1
2.71.3-1
2.72.0-1
2.72.1-1
2.72.4-0ubuntu1
2.72.4-0ubuntu2
2.72.4-0ubuntu2.2
2.72.4-0ubuntu2.3
2.72.4-0ubuntu2.4
2.72.4-0ubuntu2.5
2.72.4-0ubuntu2.6
2.72.4-0ubuntu2.7
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libglib2.0-0",
"binary_version": "2.72.4-0ubuntu2.8"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.72.4-0ubuntu2.8"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.72.4-0ubuntu2.8"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.72.4-0ubuntu2.8"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.72.4-0ubuntu2.8"
}
]
}Ubuntu:24.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.80.0-6ubuntu3.7
Affected versions
2.*
2.78.0-2
2.78.1-4
2.78.3-1
2.78.3-2
2.79.1-1
2.79.2-1~ubuntu1
2.79.3-3ubuntu5
2.80.0-6ubuntu1
2.80.0-6ubuntu3
2.80.0-6ubuntu3.1
2.80.0-6ubuntu3.2
2.80.0-6ubuntu3.4
2.80.0-6ubuntu3.5
2.80.0-6ubuntu3.6
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gir1.2-girepository-3.0",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "gir1.2-glib-2.0",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libgirepository-2.0-0",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libglib2.0-0t64",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.80.0-6ubuntu3.7"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.80.0-6ubuntu3.7"
}
]
}Ubuntu:25.10
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.86.0-2ubuntu0.2
Affected versions
2.*
2.84.1-1
2.84.1-2
2.84.2-1
2.84.3-1
2.85.1-2
2.85.2-2
2.85.3-1
2.86.0-2
2.86.0-2ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gir1.2-girepository-3.0",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "gir1.2-glib-2.0",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "girepository-tools",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libgio-2.0-dev-bin",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libgirepository-2.0-0",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libglib2.0-0t64",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.86.0-2ubuntu0.2"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.86.0-2ubuntu0.2"
}
]
}Ubuntu:26.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.87.2-2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gir1.2-girepository-3.0",
"binary_version": "2.87.2-2"
},
{
"binary_name": "gir1.2-glib-2.0",
"binary_version": "2.87.2-2"
},
{
"binary_name": "girepository-tools",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libgio-2.0-dev-bin",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libgirepository-2.0-0",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libglib2.0-0t64",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.87.2-2"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.87.2-2"
}
]
}Ubuntu:Pro:14.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=esm-infra-legacy%2Ftrusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.38.0-1ubuntu1
2.38.1-1
2.39.1-0ubuntu1
2.39.1-0ubuntu2
2.39.1-0ubuntu3
2.39.2-0ubuntu1
2.39.2-0ubuntu2
2.39.3-0ubuntu4
2.39.4-0ubuntu1
2.39.90-0ubuntu1
2.39.91-0ubuntu2
2.39.91-0ubuntu3
2.39.92-2
2.40.0-1
2.40.0-1ubuntu1
2.40.0-2
2.40.2-0ubuntu1
2.40.2-0ubuntu1.1
2.40.2-0ubuntu1.1+esm1
2.40.2-0ubuntu1.1+esm2
2.40.2-0ubuntu1.1+esm3
2.40.2-0ubuntu1.1+esm4
2.40.2-0ubuntu1.1+esm6
2.40.2-0ubuntu1.1+esm7
Ecosystem specific
{
"binaries": [
{
"binary_name": "libglib2.0-0",
"binary_version": "2.40.2-0ubuntu1.1+esm7"
},
{
"binary_name": "libglib2.0-0-refdbg",
"binary_version": "2.40.2-0ubuntu1.1+esm7"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.40.2-0ubuntu1.1+esm7"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.40.2-0ubuntu1.1+esm7"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.40.2-0ubuntu1.1+esm7"
}
]
}Ubuntu:Pro:16.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=esm-infra%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.46.1-1
2.46.1-2
2.47.1-1
2.47.3-3
2.47.4-1
2.47.5-1
2.47.6-1
2.48.0-1ubuntu3
2.48.0-1ubuntu4
2.48.1-1~ubuntu16.04.1
2.48.2-0ubuntu1
2.48.2-0ubuntu3
2.48.2-0ubuntu4
2.48.2-0ubuntu4.1
2.48.2-0ubuntu4.2
2.48.2-0ubuntu4.3
2.48.2-0ubuntu4.4
2.48.2-0ubuntu4.5
2.48.2-0ubuntu4.6
2.48.2-0ubuntu4.7
2.48.2-0ubuntu4.8
2.48.2-0ubuntu4.8+esm1
2.48.2-0ubuntu4.8+esm3
2.48.2-0ubuntu4.8+esm4
2.48.2-0ubuntu4.8+esm5
Ecosystem specific
{
"binaries": [
{
"binary_name": "libglib2.0-0",
"binary_version": "2.48.2-0ubuntu4.8+esm5"
},
{
"binary_name": "libglib2.0-0-refdbg",
"binary_version": "2.48.2-0ubuntu4.8+esm5"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.48.2-0ubuntu4.8+esm5"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.48.2-0ubuntu4.8+esm5"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.48.2-0ubuntu4.8+esm5"
}
]
}Ubuntu:Pro:18.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=esm-infra%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.54.1-1ubuntu1
2.55.2-2ubuntu1
2.56.0-2ubuntu1
2.56.0-4ubuntu1
2.56.1-2ubuntu1
2.56.2-0ubuntu0.18.04.1
2.56.2-0ubuntu0.18.04.2
2.56.3-0ubuntu0.18.04.1
2.56.4-0ubuntu0.18.04.2
2.56.4-0ubuntu0.18.04.3
2.56.4-0ubuntu0.18.04.4
2.56.4-0ubuntu0.18.04.5
2.56.4-0ubuntu0.18.04.6
2.56.4-0ubuntu0.18.04.7
2.56.4-0ubuntu0.18.04.8
2.56.4-0ubuntu0.18.04.9
2.56.4-0ubuntu0.18.04.9+esm3
2.56.4-0ubuntu0.18.04.9+esm4
2.56.4-0ubuntu0.18.04.9+esm5
Ecosystem specific
{
"binaries": [
{
"binary_name": "libglib2.0-0",
"binary_version": "2.56.4-0ubuntu0.18.04.9+esm5"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.56.4-0ubuntu0.18.04.9+esm5"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.56.4-0ubuntu0.18.04.9+esm5"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.56.4-0ubuntu0.18.04.9+esm5"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.56.4-0ubuntu0.18.04.9+esm5"
}
]
}Ubuntu:Pro:20.04:LTS
glib2.0
Package
- Name
- glib2.0
- Purl
- pkg:deb/ubuntu/glib2.0?arch=source&distro=esm-infra%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.62.1-1
2.63.1-2
2.63.1-2ubuntu1
2.63.3-1
2.63.3-3
2.63.5-2
2.64.0-1
2.64.1-1
2.64.2-1~fakesync1
2.64.3-1~ubuntu20.04.1
2.64.6-1~ubuntu20.04.1
2.64.6-1~ubuntu20.04.2
2.64.6-1~ubuntu20.04.3
2.64.6-1~ubuntu20.04.4
2.64.6-1~ubuntu20.04.6
2.64.6-1~ubuntu20.04.7
2.64.6-1~ubuntu20.04.8
2.64.6-1~ubuntu20.04.9
2.64.6-1~ubuntu20.04.9+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libglib2.0-0",
"binary_version": "2.64.6-1~ubuntu20.04.9+esm1"
},
{
"binary_name": "libglib2.0-bin",
"binary_version": "2.64.6-1~ubuntu20.04.9+esm1"
},
{
"binary_name": "libglib2.0-data",
"binary_version": "2.64.6-1~ubuntu20.04.9+esm1"
},
{
"binary_name": "libglib2.0-dev-bin",
"binary_version": "2.64.6-1~ubuntu20.04.9+esm1"
},
{
"binary_name": "libglib2.0-tests",
"binary_version": "2.64.6-1~ubuntu20.04.9+esm1"
}
]
}