Destructive regional attackers can attain whole root accessibility on Linux machines by having benefit of a recently disclosed security flaw in the GNU C library (aka glibc).
Tracked as CVE-2023-6246, the heap-based mostly buffer overflow vulnerability is rooted in glibc’s __vsyslog_inside() perform, which is utilised by syslog() and vsyslog() for technique logging functions. It can be claimed to have been unintentionally launched in August 2022 with the launch of glibc 2.37.
“This flaw allows regional privilege escalation, enabling an unprivileged consumer to acquire comprehensive root accessibility,” Saeed Abbasi, product or service manager of the Threat Research Unit at Qualys, explained, introducing it impacts significant Linux distributions like Debian, Ubuntu, and Fedora.
A threat actor could exploit the flaw to receive elevated permissions by means of specifically crafted inputs to programs that use these logging functions.
“Though the vulnerability needs certain circumstances to be exploited (this kind of as an unusually very long argv[0] or openlog() ident argument), its influence is significant due to the common use of the afflicted library,” Abbasi observed.
The cybersecurity firm reported more investigation of glibc unearthed two far more flaws in the __vsyslog_internal() perform (CVE-2023-6779 and CVE-2023-6780) and a third bug in the library’s qsort () functionality that can guide to memory corruption.
The vulnerability identified in qsort() has afflicted all glibc variations released given that 1992.
The development will come approximately four months soon after Qualys specific a further significant-severity flaw in the very same library identified as Looney Tunables (CVE-2023-4911, CVSS score: 7.8) that could consequence in privilege escalation.
“These flaws emphasize the critical want for rigid security steps in application advancement, specially for main libraries extensively made use of throughout lots of methods and applications,” Abbasi claimed.
Discovered this post attention-grabbing? Follow us on Twitter and LinkedIn to read through extra unique articles we write-up.
Some parts of this article are sourced from:
thehackernews.com