New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

By Newsroom — January 31^st 2024 at 05:44

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have

Naked Security

Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

By Paul Ducklin — February 13^th 2023 at 17:59

Conditional code considered cryptographically counterproductive.

Naked Security

GnuTLS patches memory mismanagement bug – update now!

By Paul Ducklin — August 1^st 2022 at 16:55

GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...

FreshRSS

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

GnuTLS patches memory mismanagement bug – update now!