CVE-2026-58012: Buffer Over-read in Red Hat Red Hat Enterprise Linux 10
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the string is treated as raw bytes. This vulnerability can cause a minor information disclosure of 1-5 bytes and a denial of service when the buffer over-read crosses a page boundary.
AI Analysis
Technical Summary
CVE-2026-58012 is a buffer over-read vulnerability in GLib's g_regex_replace function when used with the G_REGEX_RAW flag and case-change replacement escapes. The root cause is that string_append uses UTF-8 processing functions on raw byte strings, which can lead to reading beyond the intended buffer. This flaw can disclose a small amount of memory (1-5 bytes) and cause a denial of service if the over-read crosses a page boundary. It affects Red Hat Enterprise Linux 10 as it includes the vulnerable GLib version. The CVSS 3.1 base score is 6.5, indicating a medium severity vulnerability with network attack vector, low complexity, no privileges required, no user interaction, and impact on confidentiality and availability.
Potential Impact
The vulnerability allows an attacker to cause a minor information disclosure of 1-5 bytes from memory and potentially trigger a denial of service condition if the buffer over-read crosses a page boundary. There is no indication of integrity impact. The attack can be performed remotely without authentication or user interaction.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-58012 for current remediation guidance. No official fix or temporary workaround is stated in the provided advisory content. Monitor the vendor advisory for updates and apply patches once available.
CVE-2026-58012: Buffer Over-read in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the string is treated as raw bytes. This vulnerability can cause a minor information disclosure of 1-5 bytes and a denial of service when the buffer over-read crosses a page boundary.
CVSS v3.1
Score 6.5medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-58012 is a buffer over-read vulnerability in GLib's g_regex_replace function when used with the G_REGEX_RAW flag and case-change replacement escapes. The root cause is that string_append uses UTF-8 processing functions on raw byte strings, which can lead to reading beyond the intended buffer. This flaw can disclose a small amount of memory (1-5 bytes) and cause a denial of service if the over-read crosses a page boundary. It affects Red Hat Enterprise Linux 10 as it includes the vulnerable GLib version. The CVSS 3.1 base score is 6.5, indicating a medium severity vulnerability with network attack vector, low complexity, no privileges required, no user interaction, and impact on confidentiality and availability.
Potential Impact
The vulnerability allows an attacker to cause a minor information disclosure of 1-5 bytes from memory and potentially trigger a denial of service condition if the buffer over-read crosses a page boundary. There is no indication of integrity impact. The attack can be performed remotely without authentication or user interaction.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-58012 for current remediation guidance. No official fix or temporary workaround is stated in the provided advisory content. Monitor the vendor advisory for updates and apply patches once available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-26T20:59:47.855Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-58012","vendor":"Red Hat"}]
Threat ID: 6a43c34927e9c79719d5bd5b
Added to database: 06/30/2026, 13:23:21 UTC
Last enriched: 06/30/2026, 13:37:39 UTC
Last updated: 06/30/2026, 14:16:07 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.