
CVE-2025-3360: Integer Overflow or Wraparound

Severity: Low
Published: Mon Apr 07 2025 (04/07/2025, 12:53:55 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

AI-Powered Analysis

Last updated: 07/30/2025, 00:41:27 UTC

Technical Analysis

CVE-2025-3360 is a vulnerability in the GLib library, in the function g_date_time_new_from_iso8601(), which parses ISO 8601 formatted timestamps. When the function is given a long, invalid ISO 8601 timestamp, an integer overflow or wraparound occurs in the parsing arithmetic, and the wrapped value is then used to address memory before the start of the input buffer (a buffer under-read). An under-read is an out-of-bounds read, not a write: the expected outcomes are a crash of the process that called the parser, or the parser consuming unrelated bytes as if they were part of the timestamp. It does not by itself corrupt memory. The vulnerability is tracked against Red Hat Enterprise Linux 10; GLib is a core utility library on Linux desktops and servers, and its date/time API is used by many applications and daemons that handle timestamps from files, protocols and logs. The CVSS 3.1 base score is 3.7 (low), which corresponds to the vector AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L: the attack vector is network (the attacker only needs to get a crafted timestamp in front of a parser), attack complexity is high, no privileges or user interaction are required, and the only impact is on availability. No confidentiality or integrity impact is reported. No exploits were known in the wild and no patch or mitigation was linked at the time of this analysis. The root cause is that the parser does not bound or validate excessively long or malformed ISO 8601 timestamps before performing the arithmetic that drives its buffer accesses.
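The C program below is an added illustration of the bug class described above; it is not GLib's code and not the fix for this CVE. A toy scanner for the suffix of an ISO 8601 timestamp is written in the vulnerable style (the fractional-seconds digit count lives in a narrow signed integer, wraps on a long invalid fraction, and the index derived from it points in front of the buffer), beside a hardened scanner that takes a size_t length, checks it before any read, caps the field width, and decodes the time-zone designator only inside the checked range. The 16-bit counter, the 9-digit fraction cap, the 35-byte maximum and the sample timestamps are assumptions chosen so that the wrap is reachable with a 40 KB input instead of a multi-gigabyte one; the vulnerable function reports the out-of-range index rather than dereferencing it.

```c
/* Constructed illustration of the bug class behind CVE-2025-3360, not GLib's
 * code: a fractional-seconds digit count kept in a narrow signed integer wraps
 * on a long invalid timestamp, and the index derived from it lands in front of
 * the buffer.  ASSUMPTION: a 16-bit counter stands in for the 32-bit int a
 * real parser would use, so the wrap is reachable with ~33 KB of input. */
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIXED_PREFIX 19   /* strlen("YYYY-MM-DDTHH:MM:SS") */
#define MAX_FRAC 9        /* fraction digits worth keeping (nanoseconds) */
#define MAX_LEN (FIXED_PREFIX + 1 + MAX_FRAC + 6)   /* + ".fffffffff+HH:MM" */

/* Vulnerable pattern: returns the index at which the time-zone designator would
 * be read next.  A real parser dereferences text[index] immediately, so a
 * negative index is a read in front of the buffer; the demo only reports it. */
ptrdiff_t tz_index_vulnerable(const char *text)
{
    ptrdiff_t pos = FIXED_PREFIX;
    short ndigits = 0;                        /* BUG: narrow signed counter */
    if (strlen(text) < FIXED_PREFIX) return -1;
    if (text[pos] != '.') return pos;         /* no fraction present */
    for (const char *p = text + pos + 1; *p >= '0' && *p <= '9'; p++)
        ndigits++;                            /* wraps negative past 32767 */
    return pos + 1 + ndigits;                 /* negative after the wrap */
}

/* Reads exactly n decimal digits at text[pos..pos+n); caller checks bounds. */
static int read_digits(const char *text, size_t pos, size_t n, int *out)
{
    for (*out = 0; n-- > 0; pos++) {
        if (text[pos] < '0' || text[pos] > '9') return 0;
        *out = *out * 10 + (text[pos] - '0');
    }
    return 1;
}

/* Hardened counterpart: the length is a size_t checked before any read, every
 * index stays inside [0, len), and the fraction is capped instead of counted
 * blindly.  Returns the designator index, or -1 to reject the input. */
ptrdiff_t tz_index_hardened(const char *text, size_t len)
{
    size_t pos = FIXED_PREFIX, nd = 0;
    if (len < FIXED_PREFIX + 1 || len > MAX_LEN) return -1;
    if (text[pos] == '.') {
        pos++;
        while (pos < len && text[pos] >= '0' && text[pos] <= '9') {
            if (++nd > MAX_FRAC) return -1;   /* cap, never wrap */
            pos++;
        }
        if (nd == 0) return -1;               /* "." with no digits */
    }
    return pos < len ? (ptrdiff_t)pos : -1;   /* designator must exist */
}

/* Decodes the designator found by tz_index_hardened() into minutes east of
 * UTC ("Z" -> 0, "+HH:MM"/"-HH:MM" -> signed offset); INT_MIN on rejection. */
int tz_minutes_hardened(const char *text, size_t len)
{
    ptrdiff_t i = tz_index_hardened(text, len);
    int hh, mm;
    if (i < 0) return INT_MIN;
    size_t p = (size_t)i, rest = len - p;     /* rest >= 1 here */
    if (text[p] == 'Z') return rest == 1 ? 0 : INT_MIN;
    if ((text[p] != '+' && text[p] != '-') || rest != 6 || text[p + 3] != ':' ||
        !read_digits(text, p + 1, 2, &hh) || !read_digits(text, p + 4, 2, &mm) ||
        hh > 23 || mm > 59)
        return INT_MIN;
    return (text[p] == '-' ? -1 : 1) * (hh * 60 + mm);
}

/* Constructed input "2025-04-07T12:53:55." + ndigits x '9' + "Z".  Returns 1
 * when the vulnerable index wraps negative AND the hardened scanner rejects. */
int long_fraction_demo(size_t ndigits)
{
    size_t len = FIXED_PREFIX + 1 + ndigits + 1;
    char *s = malloc(len + 1);
    int ok;
    if (!s) abort();
    memcpy(s, "2025-04-07T12:53:55.", FIXED_PREFIX + 1);
    memset(s + FIXED_PREFIX + 1, '9', ndigits);
    s[len - 1] = 'Z';
    s[len] = '\0';
    ok = tz_index_vulnerable(s) < 0 && tz_index_hardened(s, len) < 0;
    free(s);
    return ok;
}

int main(void)
{
    printf("40000-digit fraction: wrapped and rejected = %d\n", long_fraction_demo(40000));
    printf("tz minutes: %d\n", tz_minutes_hardened("2025-04-07T12:53:55.123+02:00", 29));
    return 0;
}
```

With 40000 fraction digits the 16-bit counter ends at -25536, so the vulnerable scanner reports index -25516, a read roughly 25 KB in front of the buffer; the hardened scanner never looks at the digits because the length check fails first. The two properties worth copying are the order of operations (bound the length, then read) and the cap on every variable-width field, which removes the arithmetic the wrap depends on.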

Potential Impact

For European organizations the impact of CVE-2025-3360 is limited, in line with its low severity score and the nature of the flaw. The primary risk is denial of service: an attacker who can deliver a crafted timestamp to a service or application that parses it with GLib's g_date_time_new_from_iso8601() can crash that process or leave it in an unstable state, interrupting the service it provides. Because the flaw is an out-of-bounds read rather than a write, it does not by itself give privilege escalation, data leakage or code execution, so confidentiality and integrity are not directly threatened. Organizations running Red Hat Enterprise Linux 10, or other distributions shipping the affected GLib version, should identify services that hand externally supplied timestamp strings to GLib (for example log collectors, JSON or XML ingestion pipelines, and any daemon that accepts timestamps in protocol messages) and treat those as the exposed surface. The absence of known exploits lowers the immediate risk, but the issue is cheap to trigger once a parser is reachable and should be fixed proactively.

Mitigation Recommendations

European organizations should consider the following mitigations:
1) Treat ISO 8601 timestamps from untrusted or external sources as hostile input and reject overlong or malformed values at the ingestion boundary, before they reach g_date_time_new_from_iso8601().
2) Apply strict length and character-set validation at the application layer before passing timestamps to GLib functions; a fixed upper bound on length removes the long-input condition the flaw depends on.
3) Apply the updated GLib packages from Red Hat, or the upstream GLib release that fixes the issue, as soon as they are available; no fix was linked at the time of this analysis.
4) Build and test GLib-based services with AddressSanitizer or a similar memory-error detector during QA, which reports an under-read at the faulting read instead of leaving it to surface as an occasional crash in production. Runtime protections such as RASP do not reliably catch an out-of-bounds read inside a C library.
5) Fuzz the timestamp-parsing paths of your own services (very long inputs, missing or duplicated fields, oversized fractional-seconds and time-zone parts) to find similar edge cases proactively.
6) Log and alert on unexpected crashes (SIGSEGV or SIGBUS) in processes that parse date and time input, so that exploitation attempts are noticed and triaged quickly.
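As an added example of mitigations 2 and 5 (not code from Red Hat, GLib or this advisory), the following C prefilter bounds the length and alphabet of an untrusted timestamp before it is handed to g_date_time_new_from_iso8601(), and a self-test runs it over constructed inputs including an oversized one. The 20 to 35 byte limits, the accepted alphabet and the requirement for an extended-format designator ("Z" or "+HH:MM"/"-HH:MM") are assumptions; widen them only to the formats the application genuinely needs.

```c
/* Constructed example, not GLib's or Red Hat's code: a boundary check applied
 * to untrusted timestamps before they are handed to
 * g_date_time_new_from_iso8601() or any other parser.  ASSUMPTIONS: the
 * application only needs extended-format "YYYY-MM-DDTHH:MM:SS[.f...]" ending
 * in "Z" or "+HH:MM"/"-HH:MM", so 20..35 bytes and a 16-character alphabet
 * cover every legitimate value; widen both only for formats actually used. */
#include <stddef.h>
#include <string.h>

#define TS_MIN_LEN 20   /* "YYYY-MM-DDTHH:MM:SSZ" */
#define TS_MAX_LEN 35   /* "YYYY-MM-DDTHH:MM:SS.fffffffff+HH:MM" */

/* Returns 1 if s[0..len) may be passed on to the library parser, 0 to drop it.
 * Length is checked first so nothing else ever looks at an oversized buffer. */
int iso8601_prefilter(const char *s, size_t len)
{
    static const char alphabet[] = "0123456789-:.TZ+";
    if (len < TS_MIN_LEN || len > TS_MAX_LEN) return 0;
    for (size_t i = 0; i < len; i++)          /* '\0' is rejected by hand: */
        if (s[i] == '\0' || strchr(alphabet, s[i]) == NULL) return 0;  /* strchr would match the terminator */
    if (s[4] != '-' || s[7] != '-' || s[10] != 'T' || s[13] != ':' || s[16] != ':')
        return 0;                             /* separators of the fixed part */
    if (s[len - 1] == 'Z') return 1;          /* UTC designator */
    return len >= 25 && (s[len - 6] == '+' || s[len - 6] == '-') && s[len - 3] == ':';
}

/* Runs the filter over constructed inputs; returns how many verdicts differ
 * from the expected ones (0 means the filter behaves as intended). */
int prefilter_selftest(void)
{
    static const struct { const char *in; int expect; } cases[] = {
        { "2025-04-07T12:53:55Z", 1 },
        { "2025-04-07T12:53:55.123+02:00", 1 },
        { "2025-04-07T12:53:55-05:30", 1 },
        { "2025-04-07T12:53:55", 0 },                   /* no designator */
        { "2025-04-07T12:53:55.123", 0 },               /* ends inside the fraction */
        { "2025-04-07 12:53:55Z", 0 },                  /* space not in alphabet */
        { "2025-04-07T12:53:55Z\n", 0 },                /* trailing control byte */
        { "2025-04-07T12:53:55.1234567890+02:00", 0 },  /* one byte over the cap */
    };
    static char huge[40000];                            /* the "long invalid" case */
    int mismatches = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        mismatches += iso8601_prefilter(cases[i].in, strlen(cases[i].in)) != cases[i].expect;
    memset(huge, '9', sizeof huge);
    memcpy(huge, "2025-04-07T12:53:55.", 20);
    mismatches += iso8601_prefilter(huge, sizeof huge) != 0;
    return mismatches;
}
```

The filter takes an explicit length rather than calling strlen() itself, so it also works on buffers that are not NUL-terminated (protocol fields, mmap'd logs) and cannot be tricked by an embedded NUL into passing a shorter prefix than the parser will later see. The basic-format offset "+0200" is rejected on purpose under the stated assumption; add it to the accepted shapes only if the application really receives it.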


Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2025-04-07T01:50:45.607Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686904636f40f0eb72a92976

Added to database: 7/5/2025, 10:54:27 AM

Last enriched: 7/30/2025, 12:41:27 AM

Last updated: 8/15/2025, 3:02:21 PM

