CVE-2023-6246

EUVD-2023-58491
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
redhatCNA
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
gnuglibc
2.36 ≤
𝑥
< 2.39
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bookworm
2.36-9+deb12u9
fixed
bookworm (security)
2.36-9+deb12u7
fixed
bullseye
2.31-13+deb11u11
not-affected
bullseye (security)
2.31-13+deb11u10
fixed
buster
not-affected
sid
2.40-4
fixed
trixie
2.40-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
eglibc
bionic
dne
focal
dne
jammy
dne
mantic
dne
noble
dne
trusty
not-affected
xenial
dne
glibc
bionic
not-affected
focal
not-affected
jammy
not-affected
mantic
Fixed 2.38-1ubuntu6.1
released
noble
Fixed 2.39-0ubuntu1
released
trusty
dne
xenial
not-affected
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2024/Feb/3
http://seclists.org/fulldisclosure/2024/Feb/5
https://access.redhat.com/security/cve/CVE-2023-6246
https://bugzilla.redhat.com/show_bug.cgi?id=2249053
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/
https://security.gentoo.org/glsa/202402-01
https://security.netapp.com/advisory/ntap-20240216-0007/
https://www.openwall.com/lists/oss-security/2024/01/30/6
https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2024/Feb/3
http://seclists.org/fulldisclosure/2024/Feb/5
https://access.redhat.com/security/cve/CVE-2023-6246
https://bugzilla.redhat.com/show_bug.cgi?id=2249053
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/
https://security.gentoo.org/glsa/202402-01
https://security.netapp.com/advisory/ntap-20240216-0007/
https://www.openwall.com/lists/oss-security/2024/01/30/6
https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt