CVE-2025-3360: Integer Overflow or Wraparound

Severity: Low
Published: Mon Apr 07 2025 (04/07/2025, 12:53:55 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

CVE-2025-3360 is a low-severity vulnerability in the GLib library shipped with Red Hat Enterprise Linux 10. An integer overflow, followed by a buffer under-read, occurs when g_date_time_new_from_iso8601() parses an excessively long, invalid ISO 8601 timestamp. The flaw affects neither confidentiality nor integrity and needs no privileges or user interaction, but it has high attack complexity and causes only a limited availability impact (instability or a crash of the parsing process). No exploits are known in the wild. European organizations running affected Red Hat Enterprise Linux 10 systems that parse ISO 8601 timestamps from untrusted input could see minor denial-of-service conditions if the flaw is exploited. Mitigation is to apply the vendor patch once available and to validate the length and format of timestamp input before parsing it. Countries with large Red Hat Enterprise Linux deployments and critical infrastructure built on them, such as Germany, France, and the UK, are the most exposed. The threat is rated low severity because of the limited impact and the difficulty of exploitation.

AI-Powered Analysis

Last updated: 11/28/2025, 07:52:09 UTC

Technical Analysis

CVE-2025-3360 affects the GLib library as packaged in Red Hat Enterprise Linux 10. The bug is in g_date_time_new_from_iso8601(): when the function is handed an excessively long, invalid ISO 8601 timestamp string, an integer overflow in its length or index arithmetic wraps the value, and the parser then reads memory before the start of the input buffer (a buffer under-read, i.e. an out-of-bounds read). An out-of-bounds read of this kind typically ends in a crash of the calling process once the access hits unmapped memory, so the practical outcome is denial of service (DoS). The CVSS v3.1 base score is 3.7 (low), vector AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L: the malformed input can arrive over the network and needs no privileges or user interaction, but attack complexity is high and the impact is limited to availability. Confidentiality and integrity are not affected, and the flaw provides no code execution, privilege escalation, or data leakage. No exploits have been reported in the wild. The trigger is any malformed ISO 8601 timestamp reaching this function, so a deployment's exposure depends on whether its applications parse date/time values from untrusted sources with it. Because GLib is a widely used low-level C library, any program that relies on this function, directly or through a higher-level library, is indirectly affected if it parses external timestamps. The vulnerability was published on April 7, 2025; no patch links were listed at the time of reporting, so remediation may still be pending or in progress.

Potential Impact

For European organizations, the primary impact of CVE-2025-3360 is denial of service in applications or services that parse ISO 8601 timestamps with the vulnerable GLib function. This could mean crashes or service interruptions on Red Hat Enterprise Linux 10 systems, particularly those that process timestamp data from external or untrusted sources. The impact on confidentiality and integrity is negligible, but degraded availability could affect critical infrastructure or business operations that depend on continuous uptime. The low severity and high attack complexity make widespread exploitation unlikely; organizations with automated timestamp processing in network-facing applications should nevertheless treat the issue as relevant. The absence of known exploits in the wild limits immediate risk but does not remove the need to patch. European sectors such as finance, telecommunications, and government services that run Red Hat Enterprise Linux 10 could experience minor disruptions if targeted. Because the flaw requires neither authentication nor user interaction, an attacker could trigger it remotely wherever the vulnerable function is reachable through a network service.

Mitigation Recommendations

1. Monitor Red Hat and GLib advisories for an official fix for CVE-2025-3360 and apply it promptly once available.
2. Validate every ISO 8601 timestamp taken from untrusted input before parsing it: enforce a fixed maximum length and a strict format check, so an overlong or malformed string is rejected before it reaches g_date_time_new_from_iso8601().
3. Where a WAF, API gateway, or other application-layer filter fronts the service, enforce a maximum field length for timestamp fields at that layer and log rejections, so suspiciously long values never reach the parser.
4. Audit and test applications that call GLib's g_date_time_new_from_iso8601() to find code paths where unvalidated external timestamps are parsed, and add the checks from item 2 there.
5. Where feasible, isolate or sandbox services that parse external timestamp data, and run them under a supervisor that restarts them after a crash, since a crash is the realistic outcome of this flaw.
6. Keep backups and incident response plans current so that a denial-of-service incident can be recovered from quickly.
7. Build and fuzz timestamp-handling code with memory-safety tooling such as AddressSanitizer in test builds, so an out-of-bounds read surfaces as a diagnosed failure in testing rather than an unexplained crash in production.
These measures target the specific vector (untrusted ISO 8601 input) and the affected component (GLib's date/time parser) rather than generic patch hygiene.
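The following C program is an added example written for this page; it is not GLib code and not code from Red Hat or the advisory. It implements mitigation item 2 above (and illustrates the length-arithmetic hazard described in the technical analysis): a length-capped structural pre-check that an application can run on an untrusted ISO 8601 string before handing it to g_date_time_new_from_iso8601(). Everything in it is an assumption of the example: the 64-byte cap ISO8601_MAX_LEN, the function names iso8601_prevalidate() and length_fits_int(), the result codes, and the accepted grammar (only the extended calendar form; GLib itself also accepts other ISO 8601 variants). The zone part is treated as optional because the real GLib function falls back to its default_tz argument when the string has none. Whether a signed-int length is the exact arithmetic that overflows in GLib is not stated on this page; length_fits_int() only shows the generic check for that class of bug.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed cap, not a GLib constant: the longest accepted form,
 * "YYYY-MM-DDTHH:MM:SS.dddddddddddd+HH:MM", is 38 bytes; 64 leaves slack. */
#define ISO8601_MAX_LEN 64

/* Result codes of iso8601_prevalidate() (names are this example's own). */
enum { ISO_OK = 0, ISO_TOO_LONG = -1, ISO_BAD_DATE = -2,
       ISO_BAD_TIME = -3, ISO_BAD_ZONE = -4, ISO_BAD_RANGE = -5 };

/* "int len = strlen(s);" silently wraps once the input exceeds INT_MAX bytes.
 * Keep lengths in size_t and make the width check explicit instead. */
bool length_fits_int(size_t n) { return n <= (size_t)INT_MAX; }

static bool all_digits(const char *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (p[i] < '0' || p[i] > '9') return false;
    return true;
}

static int two_digits(const char *p) { return (p[0] - '0') * 10 + (p[1] - '0'); }

/* Structural pre-check of a NUL-terminated ISO 8601 string. Accepts only the
 * extended calendar form  YYYY-MM-DD[T ]HH:MM:SS[.frac][Z|+HH[:MM]|-HH[:MM]]
 * (stricter than GLib, which also takes basic/ordinal/week dates). The zone is
 * optional because g_date_time_new_from_iso8601() falls back to its default_tz
 * argument. Reads at most max_len + 1 bytes, so an overlong input is rejected
 * before any of it is parsed. */
int iso8601_prevalidate(const char *s, size_t max_len)
{
    size_t len = 0;
    while (len <= max_len && s[len] != '\0') len++;
    if (len > max_len) return ISO_TOO_LONG;

    /* Date YYYY-MM-DD; coarse ranges only, the real parser knows the calendar */
    if (len < 10 || !all_digits(s, 4) || s[4] != '-' || !all_digits(s + 5, 2)
        || s[7] != '-' || !all_digits(s + 8, 2))
        return ISO_BAD_DATE;
    int month = two_digits(s + 5), day = two_digits(s + 8);
    if (month < 1 || month > 12 || day < 1 || day > 31) return ISO_BAD_RANGE;
    size_t i = 10;

    /* Separator and time [T ]HH:MM:SS */
    if (len < i + 9 || (s[i] != 'T' && s[i] != ' ')) return ISO_BAD_TIME;
    i++;
    if (!all_digits(s + i, 2) || s[i + 2] != ':' || !all_digits(s + i + 3, 2)
        || s[i + 5] != ':' || !all_digits(s + i + 6, 2))
        return ISO_BAD_TIME;
    if (two_digits(s + i) > 23 || two_digits(s + i + 3) > 59
        || two_digits(s + i + 6) > 60)              /* 60 admits a leap second */
        return ISO_BAD_RANGE;
    i += 8;

    /* Optional fraction: '.' or ',' then 1..12 digits */
    if (i < len && (s[i] == '.' || s[i] == ',')) {
        size_t start = ++i;
        while (i < len && s[i] >= '0' && s[i] <= '9') i++;
        if (i == start || i - start > 12) return ISO_BAD_TIME;
    }

    /* Optional zone: Z | (+|-)HH | (+|-)HHMM | (+|-)HH:MM */
    if (i == len) return ISO_OK;
    if (s[i] == 'Z') return (i + 1 == len) ? ISO_OK : ISO_BAD_ZONE;
    if (s[i] != '+' && s[i] != '-') return ISO_BAD_ZONE;
    i++;
    size_t rem = len - i;
    if ((rem != 2 && rem != 4 && rem != 5) || !all_digits(s + i, 2)) return ISO_BAD_ZONE;
    if (two_digits(s + i) > 23) return ISO_BAD_RANGE;
    if (rem == 2) return ISO_OK;
    if (rem == 5 && s[i + 2] != ':') return ISO_BAD_ZONE;
    const char *mm = s + i + (rem == 5 ? 3 : 2);
    if (!all_digits(mm, 2)) return ISO_BAD_ZONE;
    return two_digits(mm) > 59 ? ISO_BAD_RANGE : ISO_OK;
}

int main(void)
{
    /* Constructed sample inputs, including a deliberately overlong one. */
    char overlong[201];
    memset(overlong, '9', 200);
    overlong[200] = '\0';
    const char *samples[] = { "2025-04-07T12:53:55Z", "2025-04-07T12:53:55.123456+02:00",
                              "2025-04-07 12:53:55", "2025-13-07T12:53:55Z", overlong };
    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++)
        printf("%.40s -> %d\n", samples[k], iso8601_prevalidate(samples[k], ISO8601_MAX_LEN));
    return 0;
}
```

Only a string that returns ISO_OK should be passed on to the library parser; the rejected cases are logged and dropped. The bounded length scan is the point of the example: the overlong input is refused after reading at most 65 bytes, so the parser never sees a length it would have to do arithmetic on.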

Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2025-04-07T01:50:45.607Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686904636f40f0eb72a92976

Added to database: 7/5/2025, 10:54:27 AM

Last enriched: 11/28/2025, 7:52:09 AM

Last updated: 1/7/2026, 4:48:09 AM