PublicDateAtUSN: 2021-02-15 17:15:00 UTC
Candidate: CVE-2021-27219
PublicDate: 2021-02-15 17:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27219
 https://ubuntu.com/security/notices/USN-4759-1
Description:
 An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before
 2.67.3. The function g_bytes_new has an integer overflow on 64-bit
 platforms due to an implicit cast from 64 bits to 32 bits. The overflow
 could potentially lead to memory corruption.
Ubuntu-Description:
Notes:
 mdeslaur> see gnome bug for multiple regression fixes solved in 2.66.7
 mdeslaur> Upstream fixed this in 2.67 by adding a new g_memdup2() function
 mdeslaur> and deprecating g_memdup(). For the 2.66 stable release, they
 mdeslaur> added g_memdup2(), but in a private manner so that internal uses
 mdeslaur> of g_memdup() could be switched, but this won't fix external
 mdeslaur> applications.
Mitigation:
Bugs:
 https://gitlab.gnome.org/GNOME/glib/-/issues/2319
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982778
 https://gitlab.gnome.org/GNOME/glib/-/issues/2323 (regression)
Priority: medium
Discovered-by: Kevin Backhouse
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_glib2.0:
 upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1926 (master)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1927 (2.66)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/commit/e8fe1d51fe07f506211680c76145eea737f4bf30 (2.66)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1933 (2.66 regression)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/commit/00b181fa84f2d836f7f4401c0cd08f38e5b39167 (2.66 regression)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1943 (2.66 regression #2)
 upstream: https://gitlab.gnome.org/GNOME/glib/-/commit/b34d68b672c35042b7d7334590e1e0cd653f3826 (2.66 regression #2)
upstream_glib2.0: released (2.66.6-1, 2.67.3)
precise/esm_glib2.0: ignored (end of ESM support, was needs-triage)
trusty_glib2.0: ignored (out of standard support)
trusty/esm_glib2.0: needs-triage
xenial_glib2.0: released (2.48.2-0ubuntu4.7)
esm-infra/xenial_glib2.0: released (2.48.2-0ubuntu4.7)
bionic_glib2.0: released (2.56.4-0ubuntu0.18.04.7)
focal_glib2.0: released (2.64.6-1~ubuntu20.04.2)
groovy_glib2.0: released (2.66.1-2ubuntu0.1)
hirsute_glib2.0: not-affected (2.67.5-2)
impish_glib2.0: not-affected (2.67.5-2)
jammy_glib2.0: not-affected (2.67.5-2)
devel_glib2.0: not-affected (2.67.5-2)