Vulnerabilities > CVE-2019-25085 - Use After Free vulnerability in Gnome Gvariant Database

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

gnome

CWE-416

NVD

Published: 2022-12-26

Updated: 2024-04-11

Summary

A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is d83587b2a364eb9a9a53be7e6a708074e252de14. It is recommended to apply a patch to fix this issue. The identifier VDB-216789 was assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Gnome Gnome Gvariant Database -	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://vuldb.com/?id.216789
https://github.com/GNOME/gvdb/commit/d83587b2a364eb9a9a53be7e6a708074e252de14
https://vuldb.com/?ctiid.216789