This security bulletin contains one low risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the g_bytes_new() function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. A local user can run a specially crafted program to trigger an integer overflow and execute arbitrary code with elevated privileges.
Install updates from vendor's website.Vulnerable software versions
Gnome GLib: 2.66.0 - 2.67.2
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?