CVE-2025-60018

Public on 2025-09-25
Modified on 2025-09-27
Description
glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
4.8
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core glib-networking Not Affected
Amazon Linux 2023 glib-networking Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2025-60018 Mitre: CVE-2025-60018