Memory Allocation Vulnerability in glib-networking's OpenSSL Backend
CVE-2025-60019

3.7LOW

Key Information:

Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Vendor
CVE Published:
25 September 2025

What is CVE-2025-60019?

The OpenSSL backend of glib-networking is affected by a vulnerability that arises from inadequate validation of return values from memory allocation routines. This oversight can lead to conditions where, if the system runs out of memory, the software may attempt to write to invalid memory locations. Such behavior risks causing application crashes, potential system instabilities, and unauthorized access to sensitive data. It is critical for users and administrators to assess their implementations and consider applying recommended patches or updates.

References

https://access.redhat.com/security/cve/CVE-2025-60019
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2398140
issue-trackingx_refsource_REDHAT
https://gitlab.gnome.org/GNOME/glib-networking/-/issues/227

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-60019 : Memory Allocation Vulnerability in glib-networking's OpenSSL Backend