Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions.
  • PlexSheep@feddit.de
    2·
    11 months ago

    That’s not the main part of the article, just a footnote, for anyone wondering.

    The flaw resides in the glibc’s syslog function, an attacker can exploit the flaw to gain root access through a privilege escalation.

    The vulnerability was introduced in glibc 2.37 in August 2022.

      • PlexSheep@feddit.de
        1·
        11 months ago

        You are probably confusing the glibc with gcc and g++. Glibc is an implementation of the C standard library, made by GNU (thats where the g in the name comes from).

        If you were to look into it, it uses the syscalls to tell the underlying computer system what to do when you call functions, such as printf.

        If you want to read more, see here