Headlines |
2024-01-31 |
Security issue in glibc patched |
|
A significant security flaw was found in the GNU C library (glibc) which is used by most Linux distributions. This issue can allow local users to elevante their access to gain root access, giving the user (or application) administrative access. "A high severity vulnerability has been uncovered in the GNU C Library (glibc) that could allow local attackers to gain full root privileges on multiple Linux distributions. Disclosed as CVE-2023-6246, the issue is a heap-based buffer overflow in glibc's __vsyslog_internal() function, called by the commonly used syslog() and vsyslog() functions for logging messages. The flaw was introduced accidentally in glibc version 2.37 released in August 2022 and later backported to version 2.36.
According to researchers at Qualys who discovered the bug, it poses a major threat as it can enable unprivileged users to escalate privileges to root through crafted inputs to applications using the affected logging functions. While specific conditions are needed to exploit it, the impact is magnified due to glibc's widespread use." Mainstream Linux distributions have already published fixes and security announcementments. The Debian Security mailing list provides additional details. |
More headlines from this project
Back to News
|
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|