Security News > 2024 > January > New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
2024-01-31 05:44

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally


News URL

https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-31 CVE-2023-6246 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
local
low complexity
gnu fedoraproject CWE-787
7.8
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 18 373 1439 1138 696 3646