IM
IronMonkey Threat Research

CVE-2023-6246 HIGH

Published: 2024-01-31 | Last Modified: 2026-05-12 | Status: Modified

Description

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

Additional Descriptions (1)

Se encontró un desbordamiento de búfer en la región Heap de la memoria en la función __vsyslog_internal de la librería glibc. Esta función es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando no se llamó a la función openlog, o se llamó con el argumento ident establecido en NULL, y el nombre del programa (el nombre base de argv[0]) tiene más de 1024 bytes, lo que provoca un bloqueo de la aplicación o una escalada de privilegios locales. Este problema afecta a glibc 2.36 y versiones posteriores.

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-122
[email protected] Primary
en CWE-787

Affected Products

Vendor Product Version Update Type
gnu glibc * <built-in method update of dict object at 0x702bfc132980> Application
fedoraproject fedora 38 <built-in method update of dict object at 0x702b70377500> Operating System
fedoraproject fedora 39 <built-in method update of dict object at 0x702b70376980> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Yes cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

References

Notification
Message here