New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Jan 31, 2024
Vulnerability / Endpoint Security
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally introduced in August 2022 with the release of glibc 2.37. "This flaw allows local privilege escalation, enabling an unprivileged user to gain full root access," Saeed Abbasi, product manager of the Threat Research Unit at Qualys, said , adding it impacts major Linux distributions like Debian, Ubuntu, and Fedora. A threat actor could exploit the flaw to obtain elevated permissions via specially crafted inputs to applications that employ these logging functions. "Although the vulnerability requires specific conditions to be exploited (such as an unusuall