CVE-2021-27218

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

References

Affected packages

Git / github.com/gnome/glib

Affected ranges

Type

GIT

Repo

https://github.com/gnome/glib

Events

Introduced

Fixed

95115f029d9c170c2e966cd7d3547b6394c92a4a

Introduced

8f0b968cd128915853d17bf7944f7e0ebd90a399

Fixed

4236672170fcf643fd7425fcc74cc8d8340ebd79

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.66.7"
        },
        {
            "introduced": "2.67.0"
        },
        {
            "fixed": "2.67.4"
        }
    ]
}

Affected versions

2.*

2.67.0

2.67.1

2.67.2

2.67.3

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "33"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27218.json"