CVE-2025-6052

{"id": "CVE-2025-6052", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2025-06-13T16:15:28.230", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-6052", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372666", "source": "secalert@redhat.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in how GLib\u2019s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn\u2019t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en la gesti\u00f3n de memoria de GString de GLib al a\u00f1adir datos a cadenas. Si una cadena ya es muy grande, combinarla con m\u00e1s datos puede causar un desbordamiento oculto en el c\u00e1lculo del tama\u00f1o. Esto hace que el sistema piense que tiene suficiente memoria cuando no la tiene. Como resultado, los datos pueden escribirse m\u00e1s all\u00e1 del l\u00edmite de memoria asignada, lo que provoca fallos o corrupci\u00f3n de memoria."}], "lastModified": "2025-06-16T12:32:18.840", "sourceIdentifier": "secalert@redhat.com"}