Main Vulnerability Database SB2021082545

SB2021082545 - Anolis OS update for glib2

Published: August 25, 2021 Updated: March 28, 2025

Security Bulletin ID SB2021082545

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Incorrect Conversion between Numeric Types (CVE-ID: CVE-2021-27218)

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to incorrect conversion between numeric types in Gnome Glib. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

Remediation

Install update from vendor's website.

References

https://anas.openanolis.cn/errata/detail/ANSA-2021:0062

SB2021082545 - Anolis OS update for glib2

Breakdown by Severity

Description

Remediation

References

Please verify you're human