CVE-2021-27219

Incorrect Conversion between Numeric Types in conan/glib

Identifiers

CVE-2021-27219

Package Slug

conan/glib

Vulnerability

Incorrect Conversion between Numeric Types

Description

An issue was discovered in GNOME GLib The function g_bytes_new has an integer overflow on platforms due to an implicit cast from bits to bits. The overflow could potentially lead to memory corruption.

Affected Versions

All versions before 2.66.6, all versions starting from 2.67.0 before 2.67.3

Solution

Upgrade to version 2.68.3 or above.

Last Modified

2021-02-26

source