New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have

Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

Conditional code considered cryptographically counterproductive.

GnuTLS patches memory mismanagement bug – update now!

GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...