Integer Overflow Vulnerability in GLib Affects File Creation Process
CVE-2025-7039

3.7 LOW

What is CVE-2025-7039?

A significant flaw has been identified in GLib: an integer overflow during the creation of temporary files. The defect can lead to out-of-bounds memory access, allowing local attackers to manipulate file paths. It stems from inadequate validation of file path lengths in temporary file operations, which enables unauthorized access to sensitive content through the creation of symbolic links. Attackers could exploit this vulnerability to carry out path traversal attacks and gain access to private data stored in temporary files.

CVSS V3.1

Score: 3.7
Severity: LOW
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
