Out of Bounds Read Vulnerability in glib-networking's OpenSSL Backend
CVE-2025-60018

4.8MEDIUM

Key Information:

Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Vendor
CVE Published:
25 September 2025

What is CVE-2025-60018?

The glib-networking component’s OpenSSL backend contains a flaw that occurs due to improper checking of the return value from BIO_write(). This oversight can lead to an out of bounds read, which may potentially expose sensitive data or lead to unexpected behavior. Users and administrators are advised to update their installations to ensure protection against this security issue.

References

https://access.redhat.com/security/cve/CVE-2025-60018
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2398135
issue-trackingx_refsource_REDHAT
https://gitlab.gnome.org/GNOME/glib-networking/-/issues/226

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-60018 : Out of Bounds Read Vulnerability in glib-networking's OpenSSL Backend