
CVE-2025-3360: Integer Overflow or Wraparound in Red Hat Enterprise Linux 10

Severity: Low
Type: Vulnerability (CVE-2025-3360)
Published: Mon Apr 07 2025 (04/07/2025, 12:53:55 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

AI-Powered Analysis

Last updated: 07/05/2025, 11:09:39 UTC

Technical Analysis

CVE-2025-3360 is a flaw in the GLib library as shipped in Red Hat Enterprise Linux 10. It is triggered when g_date_time_new_from_iso8601() parses an excessively long, malformed ISO 8601 timestamp. The parser does not bound the input length before using it in its internal arithmetic, so a length or offset value wraps around (CWE-190, Integer Overflow or Wraparound) and is then used as a position within the input string. The wrapped value points before the start of the buffer, and the function reads memory it does not own: a buffer under-read.

The consequence is undefined behaviour in the calling process, in practice a crash and therefore denial of service. The reported impact is availability only: the flaw is a read, not a write, and it yields neither code execution nor data manipulation, so no confidentiality or integrity impact is assigned. The CVSS 3.1 base score is 3.7 (Low): network attack vector, high attack complexity, no privileges required, no user interaction, unchanged scope, no confidentiality or integrity impact and low availability impact, which corresponds to the vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L. The "network" vector is conditional: an attacker reaches the parser only through an application that feeds it untrusted timestamps, and the input has to be very long, so any field-length limit upstream of the parser already narrows exposure. No exploitation in the wild has been reported.

Exposure is not limited to the glib2 package itself. Any Red Hat Enterprise Linux 10 component or third-party application that calls g_date_time_new_from_iso8601() on externally supplied data inherits the bug, and GLib's date-time parsing is used widely across system and desktop software. The entry carries no patch link, which at the time of reporting suggested that a fix for Red Hat Enterprise Linux 10 was still pending or in progress.

Potential Impact

For European organizations the impact of CVE-2025-3360 is confined to availability. A Red Hat Enterprise Linux 10 service that hands untrusted ISO 8601 timestamps to GLib can be crashed by a single malformed input, which matters most for components that parse timestamps from external sources: log ingestion, schedulers, API front ends and data pipelines. There is no privilege escalation, remote code execution or data exposure, so confidentiality and integrity are not at risk. The low base score and high attack complexity make broad exploitation unlikely, but automated systems that ingest timestamp data from the internet should be reviewed, because a repeatable crash in a long-running daemon is a usable denial-of-service vector. In finance, healthcare and public-sector deployments even short outages can carry operational or compliance consequences. Overall the threat is low, but it warrants scheduled remediation to close the availability risk.

Mitigation Recommendations

European organizations should track Red Hat's advisories for this CVE and apply the fixed glib2 package for Red Hat Enterprise Linux 10 as soon as it is published. Because GLib is a shared library, updating the package is not enough on its own: services that already have the old library mapped keep using it until they are restarted, so the update should be followed by a restart of the affected daemons or a reboot.

Until the fix is deployed, the most effective interim control is a length bound on timestamp fields before they reach the parser. A valid ISO 8601 timestamp with fractional seconds and a numeric offset is about 35 bytes, so rejecting anything much longer (for example over 64 bytes) removes the trigger condition entirely at no functional cost. The same limit can be enforced at the edge: a Web Application Firewall or Intrusion Prevention System cannot reliably recognise a "malformed timestamp", but it can cap the size of the specific JSON fields, query parameters or headers that carry timestamps.

Organizations should also inventory their exposure by searching internal code and vendor packages for callers of g_date_time_new_from_iso8601() that accept external input, and prioritise those services for patching. The observable symptom of an attack is a crash (typically a segmentation fault) in a process that parses timestamps, so monitoring should alert on repeated restarts and core dumps from such services. Finally, incident response procedures should be ready to handle denial-of-service events, and threat intelligence feeds should be watched for any reports of exploitation.
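The following C example is added here to illustrate both the bug class described in the technical analysis and the input-length precheck recommended above; it is not GLib's source code and not part of this advisory. find_date_separator_signed() models the vulnerable pattern with a signed 32-bit counter, which is an assumption about the shape of the bug rather than a statement about GLib's implementation. iso8601_precheck() is the pre-validation a caller can apply before handing a string to g_date_time_new_from_iso8601(); the 64-byte cap and the accepted character set are choices made for this example, and the sample inputs are constructed.

```c
#include <ctype.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Longest timestamp this example accepts (assumed limit). A full ISO 8601
 * value such as "2025-04-07T12:53:55.123456789+00:00" is 35 bytes, so 64
 * leaves headroom while making a multi-gigabyte "timestamp" impossible. */
#define ISO8601_MAX_LEN 64

/* Vulnerable pattern (a model, not GLib's code): scan for the date/time
 * separator with a signed 32-bit counter. Once length reaches INT_MAX the
 * increment is signed overflow, undefined behaviour in C that in practice
 * wraps to INT_MIN. A negative date_length later used as text[date_length]
 * reads before the start of the buffer: the integer overflow and buffer
 * under-read the advisory describes. Never call this on untrusted input. */
static int find_date_separator_signed(const char *text)
{
    int length, date_length = -1;
    for (length = 0; text[length] != '\0'; length++) {
        if (date_length < 0 &&
            (text[length] == 'T' || text[length] == 't' || text[length] == ' '))
            date_length = length;
    }
    return date_length;
}

/* Hardened precheck: bounded scan in size_t, hard length cap and a
 * character whitelist. Returns true if the string is safe to hand to
 * g_date_time_new_from_iso8601(); *out_len receives its length. */
static bool iso8601_precheck(const char *text, size_t max_len, size_t *out_len)
{
    if (text == NULL)
        return false;

    /* Bounded length scan: reads at most max_len + 1 bytes, so even a
     * multi-gigabyte input is rejected after max_len + 1 comparisons. */
    size_t n = 0;
    while (n <= max_len && text[n] != '\0')
        n++;
    if (n == 0 || n > max_len)
        return false;

    /* Only bytes that can appear in an ISO 8601 timestamp, and at least one
     * date/time separator (this example requires a time part). */
    bool have_separator = false;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char) text[i];
        if (isdigit(c) || c == '-' || c == ':' || c == '.' || c == ',' ||
            c == '+' || c == 'Z' || c == 'z')
            continue;
        if (c == 'T' || c == 't' || c == ' ') {
            have_separator = true;
            continue;
        }
        return false;
    }
    if (!have_separator)
        return false;

    if (out_len)
        *out_len = n;
    return true;
}

/* Accepted length of a timestamp, or -1 if it fails the precheck. */
static long precheck_len(const char *text)
{
    size_t n;
    return iso8601_precheck(text, ISO8601_MAX_LEN, &n) ? (long) n : -1;
}

/* Same scan as the vulnerable version, but in size_t and only after the
 * precheck, so the index can neither wrap nor go negative.
 * Returns the separator index, or -1 if the input is rejected. */
static long find_date_separator_checked(const char *text)
{
    size_t n;
    if (!iso8601_precheck(text, ISO8601_MAX_LEN, &n))
        return -1;
    for (size_t i = 0; i < n; i++)
        if (text[i] == 'T' || text[i] == 't' || text[i] == ' ')
            return (long) i;
    return -1; /* unreachable after the precheck, kept for safety */
}

int main(void)
{
    /* Constructed sample inputs for this example. */
    const char *good = "2025-04-07T12:53:55Z";
    char too_long[ISO8601_MAX_LEN + 2];
    memset(too_long, '1', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    printf("%s -> separator at %ld\n", good, find_date_separator_checked(good));
    printf("%zu-byte string -> %s\n", strlen(too_long),
           find_date_separator_checked(too_long) < 0 ? "rejected" : "accepted");
    return 0;
}
```

The precheck removes the trigger condition outright: a string long enough to wrap a 32-bit counter is billions of bytes long, while the cap here is 64, so nothing that passes it can reach the arithmetic the advisory describes. The bounded scan also matters on its own, since an unbounded strlen() on an attacker-controlled multi-gigabyte string is itself a cheap way to burn CPU.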


Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2025-04-07T01:50:45.607Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686904636f40f0eb72a92976

Added to database: 7/5/2025, 10:54:27 AM

Last enriched: 7/5/2025, 11:09:39 AM

Last updated: 7/5/2025, 5:19:11 PM

