CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

Published: Nov 12, 2024
Updated: Jun 18, 2025
CVE: CVE-2024-52533
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
gnome / glib	-	2.82.1
debian / debian_linux	11.0	11.0.x
netapp / ontap_tools	10	10.x

http://www.openwall.com/lists/oss-security/2024/11/12/11
https://gitlab.gnome.org/GNOME/glib/-/issues/3461
https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html
https://security.netapp.com/advisory/ntap-20241206-0009/

Vulnerability Database

289,599

CVE-2024-52533