GNU C Library flaw allows local attackers to gain root access on Linux distros
Take action: There is no patch at this moment, so your Linux systems are potentially a point of risk, especially multi-user Linux systems with terminal access. Make sure you update them frequently and vet your users.
A critical local privilege escalation (LPE) vulnerability has been identified in the GNU C Library (glibc), posing a severe risk across multiple major Linux distributions in their default configurations.
This flaw, tracked as CVE-2023-6246 (CVSS score 7.8), stems from a heap-based buffer overflow within glibc's `__vsyslog_internal()` function. This function, integral to the syslog and vsyslog mechanisms for logging system messages, became susceptible due to an inadvertent error first introduced in glibc version 2.37 in August 2022.
This error was then backported to version 2.36 while addressing a previous, less critical vulnerability identified as CVE-2022-39046.
The flaw enables local users without privileged access to escalate privileges, potentially obtaining root access by manipulating applications that invoke these logging functions. Although exploitation requires precise conditions, such as an exceptionally long `argv[0]` or `openlog()` ident argument, the ubiquity of the vulnerable library exposes a large number of systems to exploitation.
Security researchers from Qualys, who discovered this flaw, have successfully demonstrated exploitability on Debian (versions 12 and 13), Ubuntu (versions 23.04 and 23.10), and Fedora (versions 37 to 39), indicating that default installations of these distributions are at risk. It is anticipated that additional Linux distributions could also be susceptible to CVE-2023-6246.
There is no patch at this moment, so local access to Linux systems is potentially a point of risk, especially for multi-user Linux systems with terminal access. Administrators should apply patches to their Linux systems in the coming period as they are released.
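
A quick way to see where a host's glibc sits relative to the versions named above, as an added example that is not part of the original article. The function name and status labels are hypothetical, and the check compares upstream version numbers only: distributions backport fixes without changing that number, so confirm patch status against your distribution's advisory for CVE-2023-6246.

```shell
#!/bin/sh
# Added triage example (not from the article). Classifies an upstream glibc
# version against the range the article gives for CVE-2023-6246:
#   error introduced in 2.37, backported to 2.36, no fixed release named.
# Output: below-range | backport-dependent | in-range | unknown

classify_glibc() {
    v=${1##* }                      # last token: "glibc 2.36" -> "2.36"
    case "$v" in
        *.*) ;;
        *) echo unknown; return 0 ;;
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}               # ignore any patch level ("2.36.1")
    case "$major" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case "$minor" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    n=$((major * 1000 + minor))
    if [ "$n" -ge 2037 ]; then
        echo in-range               # carries the change unless the distro patched it
    elif [ "$n" -eq 2036 ]; then
        echo backport-dependent     # affected only where the backport was applied
    else
        echo below-range            # predates the change described in the article
    fi
}

# Report for the running system; empty on non-glibc systems (for example musl).
current=$(getconf GNU_LIBC_VERSION 2>/dev/null || true)
printf '%s -> %s\n' "${current:-no glibc version reported}" "$(classify_glibc "$current")"
```

A result of `in-range` or `backport-dependent` means the host should be tracked until the distribution's fixed package is installed.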