Wind River Support Network

HomeDefectsLIN1024-5334

Fixed

LIN1024-5334 : Security Advisory - glib-2.0 - CVE-2024-52533

Created: Nov 11, 2024 Updated: Dec 15, 2024

Resolved Date: Dec 15, 2024

Found In Version: 10.24.33.1

Severity: Standard

Applicable for: Wind River Linux LTS 24

Component/s: Userspace

Description

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

CREATE(Triage):(User=admin) CVE-2024-52533 (https://nvd.nist.gov/vuln/detail/CVE-2024-52533)

CVEs

CVE-2024-52533