TLDR.Chat

New Local Privilege Escalation Vulnerability in GNU C Library (glibc)

New Linux glibc flaw lets attackers get root on major distros

Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc).

A new local privilege escalation (LPE) vulnerability in the GNU C Library (glibc) allows unprivileged attackers to gain root access on major Linux distributions in default configurations. Tracked as CVE-2023-6246, the flaw is a heap-based buffer overflow in glibc's __vsyslog_internal() function and poses a significant threat. Qualys security researchers confirmed its impact on Debian, Ubuntu, and Fedora systems, and also identified three other vulnerabilities in glibc. The discovery underscores the need for strict security measures in software development, especially for core libraries used widely across many systems and applications.
