New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
31 January 2024
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc).
Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally