- Description
- A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
- Source
- secalert@redhat.com
- NVD status
- Modified
- Products
- glibc, fedora
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Linux glibc提权漏洞 CVE-2023-6246,非特权攻击者可以通过利用 GNU C 库 (glibc) 中新披露的本地权限提升 (LPE) 漏洞,在默认配置下获得多个主要 Linux 发行版的 root 访问权限。 联系;https://t.co/xr1mHjEszm https://t.co/wxQenZwcCx
@WardMeredilj31
31 Jan 2026
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔐 Urgent Linux Patch Alert! 🔐 CVE-2023-6246 in glibc allows attackers to gain root access on Ubuntu systems. Are your servers updated? Learn mitigation steps: Read more: 👉 https://t.co/DNPw8GVvBj #CyberSecurity #LinuxAdmin https://t.co/MqF
@Cezar_H_Linux
15 Jul 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5618FB1A-596C-4054-8DB6-7A9F189D9AFC",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]