GNU C Library Vulnerability Leads to Full Root Access

January 31, 2024 at 12:48PM

A vulnerability in Linux’s glibc allows attackers to gain full root access, as reported by Qualys. Tracked as CVE-2023-6246, the heap-based buffer overflow in glibc’s __vsyslog_internal() function can be exploited by providing a long argv[0] or openlog() ident argument. While remote triggering is unlikely, it poses a significant risk due …

New Linux glibc flaw lets attackers get root on major distros

January 30, 2024 at 06:11PM

A vulnerability (CVE-2023-6246) in the GNU C Library (glibc) allows unprivileged attackers to gain root access on major Linux distributions. The flaw, introduced in glibc 2.37, leads to local privilege escalation. Qualys confirmed its exploitability on Debian, Ubuntu, and Fedora systems, emphasizing the critical need for strict security measures in …