Security News > 2024 > January > New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
2024-01-31 05:44
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally
News URL
https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-31 | CVE-2023-6246 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. | 7.8 |