CVE-2023-6246

Name	CVE-2023-6246
Description	A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-5611-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
glibc (PTS)	buster	2.28-10+deb10u1	fixed
	buster (security)	2.28-10+deb10u2	fixed
	bullseye	2.31-13+deb11u8	fixed
	bullseye (security)	2.31-13+deb11u9	fixed
	bookworm	2.36-9+deb12u4	fixed
	bookworm (security)	2.36-9+deb12u6	fixed
	sid, trixie	2.37-18	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
glibc	source	buster	(not affected)
glibc	source	bullseye	(not affected)
glibc	source	bookworm	2.36-9+deb12u4	DSA-5611-1
glibc	source	(unstable)	2.37-15

Notes

[bullseye] - glibc <not-affected> (Vulnerable code not present)
[buster] - glibc <not-affected> (Vulnerable code not present)
https://www.qualys.com/2024/01/30/syslog
Introduced by: https://sourceware.org/git?p=glibc.git;a=commit;h=52a5be0df411ef3ff45c10c7c308cb92993d15b1
Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=6bd0e4efcc78f3c0115e5ea9739a1642807450da
https://sourceware.org/pipermail/libc-announce/2024/000037.html
https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0001;hb=HEAD
https://sourceware.org/cgit/glibc/tree/advisories/GLIBC-SA-2024-0001