CVE-2025-3360: Integer Overflow or Wraparound
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
AI Analysis
Technical Summary
CVE-2025-3360 is a vulnerability in the GLib library component of Red Hat Enterprise Linux 10, specifically in the g_date_time_new_from_iso8601() function, which parses ISO 8601 formatted timestamps. The flaw is an integer overflow or wraparound triggered when the function processes an excessively long or malformed ISO 8601 timestamp string. The overflow leads to a buffer under-read, in which the function reads memory before the start of the intended buffer. This memory mismanagement can cause application crashes or undefined behavior, affecting availability. The vulnerability does not permit privilege escalation, code execution, or data disclosure; confidentiality and integrity are not affected. The CVSS v3.1 base score is 3.7 (low severity): attack vector network, attack complexity high, no privileges required, no user interaction, scope unchanged. No exploits have been reported in the wild, and no patches or mitigations have been explicitly linked yet. The flaw is primarily a denial-of-service risk, since crafted timestamps can crash the parsing application.
Potential Impact
The primary impact of CVE-2025-3360 is limited to availability degradation through potential application or service crashes when processing maliciously crafted ISO 8601 timestamps. This could disrupt services relying on GLib's date-time parsing, particularly those that accept or process external timestamp inputs. Since the vulnerability does not compromise confidentiality or integrity, the risk of data breach or unauthorized modification is minimal. However, denial-of-service conditions can affect critical systems if exploited at scale or in automated attacks. Organizations running Red Hat Enterprise Linux 10 with affected GLib versions in environments where timestamp parsing is exposed to untrusted inputs are at higher risk. The high attack complexity and lack of known exploits reduce immediate threat likelihood, but the vulnerability could be leveraged in targeted denial-of-service scenarios against time-sensitive or date-dependent applications.
Mitigation Recommendations
Organizations should monitor Red Hat security advisories for patches addressing CVE-2025-3360 and apply updates promptly once available. In the interim, validate and sanitize all ISO 8601 timestamp inputs for length and format before they reach the vulnerable function, so that excessively long or malformed strings are rejected up front. Application-layer filtering or an allow-list of accepted timestamp formats can further reduce exposure. Running memory safety tools such as AddressSanitizer during development and testing can help detect similar issues early. For critical systems, consider isolating or sandboxing the components that parse external timestamps so that a crash does not take down the whole service. Logging and monitoring for unusual timestamp parsing errors can provide early warning of exploitation attempts. Avoid exposing services that parse ISO 8601 timestamps directly to untrusted network sources until patched.
Affected Countries
United States, Germany, India, China, United Kingdom, France, Japan, Canada, Australia, Brazil
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-04-07T01:50:45.607Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 686904636f40f0eb72a92976
Added to database: 7/5/2025, 10:54:27 AM
Last enriched: 2/27/2026, 1:28:10 PM
Last updated: 3/23/2026, 8:54:51 AM