Main Vulnerability Database SB2021081053

SB2021081053 - Red Hat Enterprise Linux 8 update for glib2

Published: August 10, 2021

Security Bulletin ID SB2021081053

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Incorrect Conversion between Numeric Types (CVE-ID: CVE-2021-27218)

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to incorrect conversion between numeric types in Gnome Glib. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2021:3058