CVE-2023-6246

NameCVE-2023-6246
DescriptionA heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-5611-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
glibc (PTS)jessie, jessie (lts)2.19-18+deb8u14fixed
stretch (security)2.24-11+deb9u1fixed
stretch (lts), stretch2.24-11+deb9u7fixed
buster (security), buster, buster (lts)2.28-10+deb10u4fixed
bullseye2.31-13+deb11u11fixed
bullseye (security)2.31-13+deb11u10fixed
bookworm2.36-9+deb12u8fixed
bookworm (security)2.36-9+deb12u7fixed
sid, trixie2.40-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
glibcsourcejessie(not affected)
glibcsourcestretch(not affected)
glibcsourcebuster(not affected)
glibcsourcebullseye(not affected)
glibcsourcebookworm2.36-9+deb12u4DSA-5611-1
glibcsource(unstable)2.37-15

Notes

[bullseye] - glibc <not-affected> (Vulnerable code not present)
[buster] - glibc <not-affected> (Vulnerable code not present)
https://www.qualys.com/2024/01/30/syslog
Introduced by: https://sourceware.org/git?p=glibc.git;a=commit;h=52a5be0df411ef3ff45c10c7c308cb92993d15b1
Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=6bd0e4efcc78f3c0115e5ea9739a1642807450da
https://sourceware.org/pipermail/libc-announce/2024/000037.html
https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0001;hb=HEAD
https://sourceware.org/cgit/glibc/tree/advisories/GLIBC-SA-2024-0001
[stretch] - glibc <not-affected> (Vulnerable code not present)
[jessie] - glibc <not-affected> (Vulnerable code not present)

Search for package or bug name: Reporting problems