First published: Wed Feb 10 2021
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.
Credit: cve@mitre.org
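The truncation described above, as an added illustration that is not GLib's code or patch: a 64-bit length stored in a 32-bit field wraps modulo 2**32 unless it is range-checked first. The names `byte_array`, `take_unchecked`, `take_checked` and `recorded_len` are hypothetical, and the sample sizes are constructed; no 4GB buffer is allocated or read.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
_Static_assert(sizeof(size_t) > sizeof(unsigned int), "demo needs a 64-bit size_t");

/* Hypothetical stand-in for a byte array with a 32-bit length field. */
typedef struct {
    uint8_t *data;
    unsigned int len;
} byte_array;

/* Unchecked: size_t is narrowed to unsigned int, i.e. len modulo 2**32. */
static byte_array take_unchecked(uint8_t *data, size_t len)
{
    byte_array a = { data, (unsigned int)len };
    return a;
}

/* Checked: reject lengths the 32-bit field cannot hold. 0 = ok, -1 = rejected. */
static int take_checked(uint8_t *data, size_t len, byte_array *out)
{
    if (out == NULL || len > UINT_MAX)
        return -1;
    out->data = data;
    out->len = (unsigned int)len;
    return 0;
}

/* Length the unchecked path records for a claimed size (buffer never read). */
static unsigned int recorded_len(size_t claimed)
{
    static uint8_t placeholder[1];
    return take_unchecked(placeholder, claimed).len;
}

int main(void)
{
    const size_t four_gb = (size_t)1 << 32;   /* constructed sample sizes */
    const size_t samples[] = { 16, UINT_MAX, four_gb, four_gb + 5 };
    static uint8_t placeholder[1];
    byte_array a;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("claimed=%zu unchecked_len=%u checked=%s\n", samples[i], recorded_len(samples[i]),
               take_checked(placeholder, samples[i], &a) == 0 ? "accepted" : "rejected");
    return 0;
}
```

A recorded length smaller than the real buffer is the condition to look for in callers: any later bounds decision made from the 32-bit field no longer matches the memory that was handed over.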
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/mingw-glib2 | <0:2.66.7-2.el8 | 0:2.66.7-2.el8 |
redhat/glib2 | <0:2.56.4-10.el8_4.1 | 0:2.56.4-10.el8_4.1 |
redhat/glib | <2.66.7 | 2.66.7 |
redhat/glib | <2.67.4 | 2.67.4 |
GNOME GLib | <2.66.7 | |
GNOME GLib | >=2.67.0 <2.67.4 | |
Fedoraproject Fedora | =33 | |
Fedoraproject Fedora | =34 | |
Netapp Active Iq Unified Manager Vmware Vsphere | | |
Netapp Cloud Backup | | |
Netapp E-series Performance Analyzer | | |
Broadcom Brocade Fabric Operating System Firmware | | |
Debian Debian Linux | =9.0 | |
IBM Security Verify Access | <=10.0.0 | |
CVE-2021-27218 is a vulnerability in GNOME GLib that allows for denial of service attacks due to unintended length truncation.
CVE-2021-27218 has a severity level of high.
CVE-2021-27218 affects GNOME GLib versions before 2.66.7 and 2.67.x before 2.67.4.
The remedy for CVE-2021-27218 is to update affected software to versions 2.66.7 or 2.67.4.
Yes, IBM QRadar SIEM versions 7.5.0 GA, 7.4.3 GA - 7.4.3 FP4, and 7.3.3 GA - 7.3.3 FP10 are affected by CVE-2021-27218.