CVE-2025-13601

HIGH

Redhat Codeready Linux Builder < 2.86.3 - Integer Overflow

Title source: rule

Description

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

References (30)

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:7461

[Exploit, Issue Tracking] https://gitlab.gnome.org/GNOME/glib/-/issues/3827

[Third Party Advisory] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:0936

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:0975

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:0991

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1323

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1324

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1326

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1327

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1465

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1608

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1624

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1625

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1626

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1627

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1652

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:1736

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:2064

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2026:2072

... and 10 more

Scores

CVSS v3 7.7

EPSS 0.0001

EPSS Percentile 1.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (50)

gnome/glib < 2.86.3

Red Hat/Red Hat Ceph Storage 8 sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a

Red Hat/Red Hat Ceph Storage 8 sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda

Red Hat/Red Hat Discovery 2 sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6

Red Hat/Red Hat Discovery 2 sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd

Red Hat/Red Hat Discovery 2 sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 10 0:2.80.4-10.el10_1.12

Red Hat/Red Hat Enterprise Linux 10.0 Extended Update Support 0:2.80.4-4.el10_0.8

Red Hat/Red Hat Enterprise Linux 6

... and 40 more

Published Nov 26, 2025

Tracked Since Feb 18, 2026