4.2 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): Low (L)
- Availability (A): Low (L)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): Low (L)
Activity log
- Created suggestion
Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.
References
Affected products
Matching in nixpkgs
pkgs.bootc
Boot and upgrade via container images
pkgs.loupe
Simple image viewer application written with GTK4 and Rust
pkgs.papers
GNOME's document viewer
pkgs.qbootctl
Qualcomm bootctl HAL for Linux
pkgs.rpm-ostree
Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model
pkgs.podman-bootc
Streamlining podman+bootc interactions
pkgs.mlxbf-bootctl
Control BlueField boot partitions
-
nixos-unstable 2025-01-16
- nixpkgs-unstable 2025-01-16
- nixos-unstable-small 2025-01-16
pkgs.glycin-loaders
Glycin loaders for several formats
pkgs.pop-wallpapers
Wallpapers for Pop!_OS
-
nixos-unstable 1.0.5-unstable-2025-06-24
- nixpkgs-unstable 1.0.5-unstable-2025-06-24
- nixos-unstable-small 1.0.5-unstable-2025-06-24
pkgs.cosmic-wallpapers
Wallpapers for the COSMIC Desktop Environment
-
nixos-unstable 1.0.0-beta.7
- nixpkgs-unstable 1.0.0-beta.7
- nixos-unstable-small 1.0.0-beta.7
pkgs.pop-hp-wallpapers
Wallpapers for High-Performance System76 products
-
nixos-unstable 0-unstable-2025-10-28
- nixpkgs-unstable 0-unstable-2025-10-28
- nixos-unstable-small 0-unstable-2025-10-28
pkgs.systemd-bootchart
Boot performance graphing tool from systemd
pkgs.rubyPackages.glib2
None
-
nixos-unstable glib2-4.3.3
- nixpkgs-unstable glib2-4.3.3
- nixos-unstable-small glib2-4.3.3
pkgs.system76-wallpapers
Wallpapers for System76 products
-
nixos-unstable 0-unstable-2024-04-26
- nixpkgs-unstable 0-unstable-2024-04-26
- nixos-unstable-small 0-unstable-2024-04-26
pkgs.rubyPackages_3_1.glib2
None
pkgs.rubyPackages_3_2.glib2
None
pkgs.rubyPackages_3_3.glib2
None
-
nixos-unstable glib2-4.3.3
- nixpkgs-unstable glib2-4.3.3
- nixos-unstable-small glib2-4.3.3
pkgs.rubyPackages_3_4.glib2
None
-
nixos-unstable glib2-4.3.3
- nixpkgs-unstable glib2-4.3.3
- nixos-unstable-small glib2-4.3.3
pkgs.rubyPackages_3_5.glib2
None
-
nixos-unstable glib2-4.3.3
- nixpkgs-unstable glib2-4.3.3
- nixos-unstable-small glib2-4.3.3
pkgs.deepin.deepin-wallpapers
None
pkgs.lomiri.lomiri-wallpapers
Wallpapers for the Lomiri Operating Environment, gathered from people of the Ubuntu Touch / UBports community
pkgs.perlPackages.Apppapersway
PaperWM-like scrollable tiling window management for Sway/i3wm
pkgs.gnomeExtensions.2-wallpapers
Changes the wallpaper based on whether there are open windows or not.
-
nixos-unstable 2-wallpapers-6
- nixpkgs-unstable 2-wallpapers-6
- nixos-unstable-small 2-wallpapers-6
pkgs.perl538Packages.Apppapersway
PaperWM-like scrollable tiling window management for Sway/i3wm
pkgs.perl540Packages.Apppapersway
PaperWM-like scrollable tiling window management for Sway/i3wm
pkgs.pantheon.elementary-wallpapers
Collection of wallpapers for elementary
pkgs.libsForQt5.plasma-workspace-wallpapers
None
pkgs.kdePackages.plasma-workspace-wallpapers
Wallpapers for Plasma Workspaces
Package maintainers
-
@Thesola10 Karim Vergnes <me@thesola.io>
-
@drakon64 Evelyn Chance <nixpkgs@drakon.cloud>
-
@michaelBelsanti Mike Belsanti <mbels03@protonmail.com>
-
@alyssais Alyssa Ross <hi@alyssa.is>
-
@HeitorAugustoLN Heitor Augusto <nixpkgs.woven713@passmail.net>
-
@thefossguy Pratham Patel <prathampatel@thefossguy.com>
-
@ahoneybun Aaron Honeycutt <aaronhoneycutt@proton.me>
-
@a-kenji Alexander Kenji Berthold <aks.kenji@protonmail.com>
-
@nyabinary Niko Cantero <nyanbinary@keemail.me>
-
@Pandapip1 Gavin John <gavinnjohn@gmail.com>
-
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
-
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
-
@bobby285271 Bobby Rong <rjl931189261@126.com>
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@FRidh Frederik Rietdijk <fridh@fridh.nl>
-
@bkchr Bastian Köcher <nixos@kchr.de>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
-
@K900 Ilya K. <me@0upti.me>
-
@peterhoeg Peter Hoeg <peter@hoeg.com>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
-
@06kellyjac Jack <hello+nixpkgs@j-k.io>
-
@nikstur nikstur <nikstur@outlook.com>
-
@thillux Markus Theil <theil.markus@gmail.com>
-
@davidak David Kleuker <post@davidak.de>
-
@fgaz Francesco Gazzetta <fgaz@fgaz.me>
-
@evan-goode Evan Goode <mail@evangoo.de>
-
@normalcea normalcea <normalc@posteo.net>
-
@honnip Jung seungwoo <me@honnip.page>
-
@numinit Morgan Jones <me+nixpkgs@numin.it>
-
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>