Lucene search
UbuntuUSN-6620-1HistoryFeb 01, 2024 - 12:00 a.m.
GNU C Library vulnerabilities
2024-02-0100:00:00
ubuntu.com
19
gnu c library
ubuntu 23.10
glibc
arbitrary code execution
privilege escalation
local attacker
syslog function
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.01
Percentile
83.9%
Releases
- Ubuntu 23.10
Packages
- glibc - GNU C Library
Details
It was discovered that the GNU C Library incorrectly handled the syslog()
function call. A local attacker could use this issue to execute arbitrary
code and possibly escalate privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | libc6 | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | glibc-doc | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | glibc-source | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-bin | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-bin-dbgsym | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-dev-bin | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-dev-bin-dbgsym | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-devtools | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc-devtools-dbgsym | <Β 2.38-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libc6-dbg | <Β 2.38-1ubuntu6.1 | UNKNOWN |
Related
fedora
fedora
[SECURITY] Fedora 39 Update: glibc-2.38-16.fc39
2024-02-01 01:56:23
[SECURITY] Fedora 38 Update: glibc-2.37-18.fc38
2024-02-01 01:25:47
osv
osv
glibc vulnerabilities
2024-02-01 12:41:59
glibc - security update
2024-01-30 00:00:00
CVE-2023-6780
2024-01-31 14:15:48
openvas
openvas
Fedora: Security Advisory for glibc (FEDORA-2024-07597a0fb3)
2024-02-02 00:00:00
Debian: Security Advisory (DSA-5611-1)
2024-01-31 00:00:00
Fedora: Security Advisory (FEDORA-2024-aec80d6e8a)
2024-02-02 00:00:00
f5
f5
nessus
nessus
Ubuntu 23.10 : GNU C Library vulnerabilities (USN-6620-1)
2024-02-01 00:00:00
Debian dsa-5611 : glibc-doc - security update
2024-01-30 00:00:00
Fedora 38 : glibc (2024-07597a0fb3)
2024-02-01 00:00:00
mageia
mageia
Updated glibc packages fix security vulnerabilities
2024-02-04 05:49:27
debian
debian
[SECURITY] [DSA 5611-1] glibc security update
2024-01-30 18:33:49
photon
photon
Critical Photon OS Security Update - PHSA-2024-5.0-0197
2024-01-31 00:00:00
gentoo
gentoo
glibc: Multiple Vulnerabilities
2024-02-02 00:00:00
thn
thn
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
2024-01-31 05:44:00
qualysblog
qualysblog
Qualys TRU Discovers Important Vulnerabilities in GNU C Libraryβs syslog()
2024-01-30 18:31:05
redhatcve
redhatcve
packetstorm
packetstorm
glibc syslog() Heap-Based Buffer Overflow
2024-01-31 00:00:00
glibc qsort() Out-Of-Bounds Read / Write
2024-01-31 00:00:00
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
cbl_mariner
cbl_mariner
CVE-2023-6780 affecting package glibc for versions less than 2.38-6
2024-07-02 23:30:04
CVE-2023-6779 affecting package glibc for versions less than 2.38-6
2024-07-02 23:30:04
CVE-2023-6246 affecting package glibc for versions less than 2.38-6
2024-07-02 23:30:04
wolfi
wolfi
CVE-2023-6780 vulnerabilities
2024-09-28 03:12:03
CVE-2023-6246 vulnerabilities
2024-09-28 03:12:03
CVE-2023-6779 vulnerabilities
2024-09-28 03:12:03
prion
prion
nvd
nvd
cvelist
cvelist
CVE-2023-6246 Glibc: heap-based buffer overflow in __vsyslog_internal()
2024-01-31 14:06:21
CVE-2023-6780 Glibc: integer overflow in __vsyslog_internal()
2024-01-31 14:08:02
zdt
zdt
glibc qsort() Out-Of-Bounds Read / Write Exploit
2024-01-31 00:00:00
glibc syslog() Heap-Based Buffer Overflow Exploit
2024-01-31 00:00:00
cgr
cgr
CVE-2023-6246 vulnerabilities
2024-05-19 03:07:16
CVE-2023-6780 vulnerabilities
2024-05-19 03:07:16
CVE-2023-6779 vulnerabilities
2024-05-19 03:07:16
cnvd
cnvd
Heap Overflow Vulnerability in Glibc
2024-02-01 00:00:00
attackerkb
attackerkb
CVE-2021-3156 "Baron Samedit"
2021-01-26 00:00:00
avleonov
avleonov
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.01
Percentile
83.9%
Related for USN-6620-1