{"id":"USN-8017-1","summary":"glib2.0 vulnerabilities","details":"It was discovered that GLib incorrectly parsed large Base64 data. An\nattacker could use this issue to cause GLib to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2026-1484)\n\nIt was discovered that GLib incorrectly parsed certain treemagic files.\nAn attacker could use this issue to cause GLib to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2026-1485)\n\nIt was discovered that GLib incorrectly handled Unicode case conversion.\nAn attacker could use this issue to cause GLib to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2026-1489)","modified":"2026-04-24T10:09:44.067924Z","published":"2026-02-05T13:12:58Z","related":["UBUNTU-CVE-2026-1484","UBUNTU-CVE-2026-1485","UBUNTU-CVE-2026-1489"],"upstream":["CVE-2026-1484","CVE-2026-1485","CVE-2026-1489","UBUNTU-CVE-2026-1484","UBUNTU-CVE-2026-1485","UBUNTU-CVE-2026-1489"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8017-1"}],"affected":[{"package":{"name":"glib2.0","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/glib2.0@2.72.4-0ubuntu2.9?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.72.4-0ubuntu2.9"}]}],"versions":["2.68.4-1ubuntu1","2.70.1-1","2.70.2-1","2.71.0-2","2.71.1-1","2.71.2-1","2.71.3-1","2.72.0-1","2.72.1-1","2.72.4-0ubuntu1","2.72.4-0ubuntu2","2.72.4-0ubuntu2.2","2.72.4-0ubuntu2.3","2.72.4-0ubuntu2.4","2.72.4-0ubuntu2.5","2.72.4-0ubuntu2.6","2.72.4-0ubuntu2.7","2.72.4-0ubuntu2.8"],"ecosystem_specific":{"binaries":[{"binary_name":"libglib2.0-0","binary_version":"2.72.4-0ubuntu2.9"},{"binary_name":"libglib2.0-bin","binary_version":"2.72.4-0ubuntu2.9"},{"binary_name":"libglib2.0-data","binary_version":"2.72.4-0ubuntu2.9"},{"binary_name":"libglib2.0-dev-bin","binary_version":"2.72.4-0ubuntu2.9"},{"binary_name":"libglib2.0-tests","binary_version":"2.72.4-0ubuntu2.9"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8017-1.json"}},{"package":{"name":"glib2.0","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/glib2.0@2.80.0-6ubuntu3.8?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.80.0-6ubuntu3.8"}]}],"versions":["2.78.0-2","2.78.1-4","2.78.3-1","2.78.3-2","2.79.1-1","2.79.2-1~ubuntu1","2.79.3-3ubuntu5","2.80.0-6ubuntu1","2.80.0-6ubuntu3","2.80.0-6ubuntu3.1","2.80.0-6ubuntu3.2","2.80.0-6ubuntu3.4","2.80.0-6ubuntu3.5","2.80.0-6ubuntu3.6","2.80.0-6ubuntu3.7"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-girepository-3.0","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"gir1.2-glib-2.0","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libgirepository-2.0-0","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libglib2.0-0t64","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libglib2.0-bin","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libglib2.0-data","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libglib2.0-dev-bin","binary_version":"2.80.0-6ubuntu3.8"},{"binary_name":"libglib2.0-tests","binary_version":"2.80.0-6ubuntu3.8"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8017-1.json"}},{"package":{"name":"glib2.0","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/glib2.0@2.86.0-2ubuntu0.3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.86.0-2ubuntu0.3"}]}],"versions":["2.84.1-1","2.84.1-2","2.84.2-1","2.84.3-1","2.85.1-2","2.85.2-2","2.85.3-1","2.86.0-2","2.86.0-2ubuntu0.1","2.86.0-2ubuntu0.2"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-girepository-3.0","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"gir1.2-glib-2.0","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"girepository-tools","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libgio-2.0-dev-bin","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libgirepository-2.0-0","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libglib2.0-0t64","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libglib2.0-bin","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libglib2.0-data","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libglib2.0-dev-bin","binary_version":"2.86.0-2ubuntu0.3"},{"binary_name":"libglib2.0-tests","binary_version":"2.86.0-2ubuntu0.3"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.10","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8017-1.json"}}],"schema_version":"1.7.5"}