Qualys researchers have uncovered a critical local privilege escalation (LPE) vulnerability, tracked as CVE-2023-6246, in the GNU C Library (glibc) affecting multiple major Linux distributions in default configurations. The vulnerability, a heap-based buffer overflow in the __vsyslog_internal() function, is present in glibc versions 2.37 and 2.36. Attackers with unprivileged access can exploit this flaw to gain full root access by manipulating applications that use syslog and vsyslog functions. Debian 12 and 13, Ubuntu 23.04 and 23.10, and Fedora 37 to 39 have been confirmed as vulnerable, emphasizing the widespread impact.
The vulnerability, introduced inadvertently in August 2022 and later backported, poses a significant threat as it allows local privilege escalation. The Qualys researchers noted that while specific conditions are required for exploitation, such as an unusually long argv[0] or openlog() ident argument, the impact is substantial due to the broad use of the affected library. During their testing, the researchers confirmed the vulnerability’s existence in Debian, Ubuntu, and Fedora, and they believe that other distributions are likely exploitable. The findings underscore the critical importance of stringent security measures, particularly for core libraries used extensively across diverse systems and applications.
In addition to CVE-2023-6246, Qualys identified three other vulnerabilities in the glibc, including two in the __vsyslog_internal() function (CVE-2023-6779 and CVE-2023-6780) and a third (awaiting a CVEID) in the glibc’s qsort() function. While the two in __vsyslog_internal() are harder to exploit, they contribute to the overall security risk. The researchers emphasize the need for strict security practices in software development, particularly for core libraries that play a crucial role in diverse systems and applications. Qualys has previously discovered Linux vulnerabilities, such as Looney Tunables, PwnKit, Sequoia, and the Sudo Unix program, highlighting the persistent risks in Linux security.
This discovery adds to the series of Linux vulnerabilities identified by Qualys, showcasing the importance of maintaining robust security measures, especially for widely-used core libraries in Linux distributions. The LPE vulnerability in glibc presents a serious threat, requiring immediate attention and patching to mitigate the risk of unprivileged attackers gaining root access on affected Linux systems. The impact spans major distributions, making it crucial for organizations and Linux users to promptly apply recommended patches and updates to secure their systems against potential exploitation.
