CVE-2025-14512
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk41th percentile - higher than 41% of all known CVEs
Summary
A flaw in glib allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in the GIO escape_byte_string() function when processing malicious file or remote filesystem attribute values.
Risk Assessment
An attacker can remotely crash applications using glib, leading to service disruption (DoS). In extreme cases, the buffer overflow could enable arbitrary code execution, though the description primarily indicates DoS.
Recommendation
Immediately update glib to a patched version. If an update is not possible, restrict access to untrusted data sources (files, remote filesystems) processed by GIO.
Original NVD description (English source)
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.

