CVE-2024-52533: 
Alma Linux vulnerability analysis and mitigation

A buffer overflow vulnerability was discovered in GNOME GLib versions prior to 2.82.1, identified as CVE-2024-52533. The vulnerability exists in the gio/gsocks4aproxy.c file due to an off-by-one error where SOCKS4CONNMSG_LEN is not sufficient for a trailing '\0' character. The issue was discovered and fixed in September 2024, affecting GNOME GLib implementations across various systems (NVD, OSS Security).

The vulnerability stems from a buffer overflow condition in the SOCKS proxy code where setconnectmsg() receives a buffer of size SOCKS4CONNMSGLEN but writes up to SOCKS4CONNMSGLEN + 1 bytes to it. This occurs because SOCKS4CONNMSGLEN doesn't account for the trailing null character that setconnect_msg() appends after the hostname. The vulnerability has been assigned a CVSS v3.1 score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (OSS Security, NVD).

The successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). The high CVSS score indicates critical severity with potential for complete system compromise (NetApp Security).

The vulnerability has been fixed in GNOME GLib version 2.82.1. Users and administrators are strongly advised to upgrade to this version or later. For Debian 11 (bullseye), the fix has been implemented in version 2.66.8-1+deb11u5 (Debian LTS).