CVE-2026-0988

Low CVSS: 3.7

A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).

Vendor

Product

CWE

CWE-190

Yayın Tarihi

2026-01-21 12:15:55

Güncelleme

2026-03-19 10:16:17

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-190 LOW 2026

Referanslar

https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://gitlab.gnome.org/GNOME/glib/-/issues/3851