A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
Se encontró un desbordamiento de búfer en la región Heap de la memoria en la función __vsyslog_internal de la librería glibc. Esta función es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando no se llamó a la función openlog, o se llamó con el argumento ident establecido en NULL, y el nombre del programa (el nombre base de argv[0]) tiene más de 1024 bytes, lo que provoca un bloqueo de la aplicación o una escalada de privilegios locales. Este problema afecta a glibc 2.36 y versiones posteriores.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-122
|
| [email protected] | Primary |
en
CWE-787
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| gnu | glibc | * | <built-in method update of dict object at 0x702bfc132980> | Application |
| fedoraproject | fedora | 38 | <built-in method update of dict object at 0x702b70377500> | Operating System |
| fedoraproject | fedora | 39 | <built-in method update of dict object at 0x702b70376980> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* |