Every article tag can be clicked to get a list of all articles in that category. Every article tag also has an RSS feed! You can customize an RSS feed too!
We do often include affiliate links to earn us some pennies. See more here.

Well, here's another reminder to keep your PC up to date. Despite Linux being known for security, it's not perfect (no software is) and researchers at Qualys have discovered multiple vulnerabilities in the GNU C Library.

They said the issues were confirmed on Debian (versions 12 and 13), Ubuntu (23.04 and 23.10), and Fedora (37 to 39) but that other distributions are also likely affected by it.

What they said sounds a little alarming noting "four significant vulnerabilities" with the first being noted as CVE-2023-6246, which is the most severe as it allows "local privilege escalation, enabling an unprivileged user to gain full root access". Two more issues were discovered during this noted as:

  • CVE-2023-6779 (glibc): This vulnerability involves an off-by-one heap-based buffer overflow in the __vsyslog_internal() function.
  • CVE-2023-6780 (glibc): This is an integer overflow issue in the __vsyslog_internal() function.

But they said actually triggering those "appears more challenging than CVE-2023-6246" and so "exploiting them effectively is likely to be more complex". Another memory corruption issue was also discovered, but they didn't note a CVE number for it.

More about the most severe of the group CVE-2023-6246:

This vulnerability identified is a heap-based buffer overflow within the __vsyslog_internal() function of the GNU C Library, also known as glibc. This critical function underpins the widely-used syslog() and vsyslog() functions. The buffer overflow issue, traced back to the introduction of glibc version 2.37, poses a significant threat as it could allow local privilege escalation, enabling an unprivileged user to gain full root access through crafted inputs to applications that employ these logging functions. Although the vulnerability requires specific conditions to be exploited (such as an unusually long argv[0] or openlog() ident argument), its impact is significant due to the widespread use of the affected library. Interestingly, a similar issue was reported in December 1997 in an older Linux libc version.

See their full article on it for more info. Nice to see a responsible disclosure with the researchers sending all the details to the relevant people.

Article taken from GamingOnLinux.com.
18 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. You can also follow my personal adventures on Bluesky.
See more from me
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
3 comments

Bogomips Jan 31
So, maybe it was related to the glibc update from this morning, I don't even need to follow Debian for news now ;)
I'm on daily updates, so I don't really have to worry about this. If it hasn't been solved, there's nothing I can do, and if it has then I should automatically get it.

Though, I'd assume Flatpak runtimes will need to update as well? Although the risk should be lower there with all the mitigation they have.
Friendly reminder that even without root attackers usually can get hold of anything you hold dear in your unencrypted $HOME directory (passwords, private files and pictures).

Exercise caution and follow best practices to keep yourself reasonably safe but don't become obsessed about it (unless you keep highly sensitive data).
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register