CVE-2025-7039
BaseFortify
Publication date: 2025-09-03
Last updated on: 2025-09-04
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gnome | glib | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an integer overflow in the GLib library during temporary file creation, which causes out-of-bounds memory access. This flaw allows a local attacker to exploit path traversal by creating symbolic links that the application might follow, potentially accessing private temporary file content without authorization. The core problem is insufficient validation of file path lengths during temporary file operations. [1]
How can this vulnerability impact me? :
An attacker with local access can manipulate file paths to perform path traversal attacks, potentially gaining unauthorized access to private data stored in temporary files. This could lead to exposure of sensitive information that should be protected by the system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves checking for the presence of vulnerable GLib versions and monitoring for suspicious symbolic link creations in temporary directories. You can identify vulnerable GLib versions by querying your package manager, for example, using 'rpm -q glib2' on Red Hat-based systems or 'dpkg -l | grep glib2' on Debian-based systems. Additionally, monitoring /tmp or other temporary directories for unexpected symbolic links can help detect exploitation attempts. Commands like 'find /tmp -type l -ls' can list symbolic links in temporary directories. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating GLib to a patched version provided by your Linux distribution vendor. Until a patch is applied, restrict local user access to temporary directories to prevent creation of malicious symbolic links. Implement monitoring and alerting on symbolic link creation in temporary directories. Avoid running untrusted local code that could exploit this vulnerability. [1]