{ "document": { "aggregate_severity": { "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "CVE-2026-1489: fix integer overflow in Unicode case conversion functions\n- CVE-2026-1484: fix integer overflow in GLib Base64 encoding\n- CVE-2026-1485: fix buffer underflow in content type treemagic parsing\n- CVE-2026-0988: fix integer overflow in g_buffered_input_stream_peek()\n- CVE-2025-7039: fix integer overflow in temporary file creation", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/tuxcare9.6esu/advisories/2026/clsa-2026_1776246056.json" } ], "tracking": { "current_release_date": "2026-04-15T23:19:05Z", "generator": { "date": "2026-04-15T23:19:05Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1776246056", "initial_release_date": "2026-04-15T09:40:58Z", "revision_history": [ { "date": "2026-04-15T09:40:58Z", "number": "1", "summary": "Initial version" }, { "date": "2026-04-15T23:19:05Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "glib2: Fix of 5 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "AlmaLinux 9.6", "product": { "name": "AlmaLinux 9.6", "product_id": "AlmaLinux-9.6", "product_identification_helper": { "cpe": "cpe:2.3:o:almalinux:almalinux:9.6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "AlmaLinux" } ], "category": "vendor", "name": "AlmaLinux OS Foundation" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Rocky Linux 9.6", "product": { "name": "Rocky Linux 9.6", "product_id": "Rocky Linux-9.6", "product_identification_helper": { "cpe": "cpe:2.3:o:resf:rocky_linux:9.6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Rocky Linux" } ], "category": "vendor", "name": "Rocky Linux" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_id": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-static@2.68.4-16.el9_6.3.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_id": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-devel@2.68.4-16.el9_6.3.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product": { "name": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_id": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-tests@2.68.4-16.el9_6.3.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_id": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2@2.68.4-16.el9_6.3.tuxcare.els3?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_id": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-static@2.68.4-16.el9_6.3.tuxcare.els3?arch=i686" } } }, { "category": "product_version", "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_id": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-devel@2.68.4-16.el9_6.3.tuxcare.els3?arch=i686" } } }, { "category": "product_version", "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_id": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2@2.68.4-16.el9_6.3.tuxcare.els3?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "product": { "name": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "product_id": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/glib2-doc@2.68.4-16.el9_6.3.tuxcare.els3?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch" }, "product_reference": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of AlmaLinux 9.6", "product_id": "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "AlmaLinux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch" }, "product_reference": "glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" }, "product_reference": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "relates_to_product_reference": "Rocky Linux-9.6" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686 as a component of Rocky Linux 9.6", "product_id": "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686" }, "product_reference": "glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "relates_to_product_reference": "Rocky Linux-9.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-0988", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-0988" } ], "release_date": "2026-01-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-15T09:40:58.897259Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "product_ids": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2026-1485", "cwe": { "id": "CWE-124", "name": "Buffer Underwrite ('Buffer Underflow')" }, "notes": [ { "category": "description", "text": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-1485" } ], "release_date": "2026-01-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-15T09:40:58.897259Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "product_ids": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2026-1489", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-1489" } ], "release_date": "2026-01-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-15T09:40:58.897259Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "product_ids": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-7039", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-7039" } ], "release_date": "2025-07-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-15T09:40:58.897259Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "product_ids": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2026-1484", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-1484" } ], "release_date": "2026-01-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-15T09:40:58.897259Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056", "product_ids": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1776246056" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "AlmaLinux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "AlmaLinux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-devel-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-doc-0:2.68.4-16.el9_6.3.tuxcare.els3.noarch", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.i686", "Rocky Linux-9.6:glib2-static-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64", "Rocky Linux-9.6:glib2-tests-0:2.68.4-16.el9_6.3.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }