19 matches found
CVE-2023-6779 affecting package glibc for versions less than 2.38-6
CVE-2023-6779 affecting package glibc for versions less than 2.38-6. A patched version of the package is available...
Updated glibc packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argumen...
BELL-CVE-2023-6779
Bulletin has no description...
SUSE CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
Ubuntu 23.10 : GNU C Library vulnerabilities (USN-6620-1)
The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6620-1 advisory. It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and...
Fedora 38 : glibc (2024-07597a0fb3)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-07597a0fb3 advisory. Security fix for CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780. CVE-2023-6246: __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER...
CVE-2023-6779
creationtimestamp | type | source
---|---|---
2024-01-31 15:22:00+00:00 | seen | https://t.me/ctinow/176816
2024-01-31 15:31:41+00:00 | seen | https://t.me/ctinow/176821
2024-01-31 17:00:10+00:00 | seen | https://t.me/truesecator/5359
2024-02-01 08:59:09+00:00 | seen | ...
CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
CVE-2023-6779 vulnerabilities
Vulnerabilities for packages: glibc...
CVE-2023-6779 vulnerabilities
Vulnerabilities for packages: glibc...
CVE-2023-6779 Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
CVE-2023-6779
The CVE describes a heap-based off-by-one overflow in glibc’s __vsyslog_internal invoked by syslog/vsyslog when a message exceeds INT_MAX. Affected are glibc 2.37 and newer; exploitation may cause an application crash. Evidence from connected sources indicates a fix in patched glibc releases (e.g...
CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
[SECURITY] [DSA 5611-1] glibc security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-5611-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 30, 2024 https://www.debian.org/security/faq
-...
Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()
The Qualys Threat Research Unit (TRU) has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment. Before diving into the specific details of the vulnerabilities discovered by the Qualys Threat Research Unit in the...
Debian dsa-5611 : glibc-doc - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5611 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5611-1...