Glibc: heap-based buffer overflow in __vsyslog_internal()

Summary

CVE	CVE-2023-6246
State	PUBLISHED
Assigner	redhat
Source Priority	CVE Program / NVD first with legacy fallback
Published	2024-01-31 14:15:48 UTC
Updated	2026-05-12 11:16:18 UTC
Description	A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

Risk And Classification

Primary CVSS: v3.1 7.8 HIGH from [email protected]

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.254810000 probability, percentile 0.962680000 (date 2026-05-12)

Problem Types: CWE-122 | CWE-787 | CWE-122 Heap-based Buffer Overflow

Version	Source	Type	Score	Severity	Vector
3.1	[email protected]	Primary	7.8	HIGH	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`
3.1	[email protected]	Secondary	8.4	HIGH	`CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
3.1	CNA	CVSS	8.4	HIGH	`CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`

CVSS v3.1 Breakdown

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Fedoraproject	Fedora	38	All	All	All
Operating System	Fedoraproject	Fedora	39	All	All	All
Application	Gnu	Glibc	All	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	Glibc	unaffected 2.39	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 6	Not specified	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 6	Not specified	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 7	Not specified	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 7	Not specified	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 8	Not specified	Not specified
CNA	Red Hat	Red Hat Enterprise Linux 9	Not specified	Not specified
CNA	Fedora	Fedora	Not specified	Not specified
ADP	Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	affected V3.1.5 * custom	Not specified
ADP	Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	affected V3.1.5 * custom	Not specified
ADP	Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	affected V3.1.5 * custom	Not specified
ADP	Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	affected V3.1.5 * custom	Not specified
ADP	Siemens	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP	affected V3.1.5 * custom	Not specified

References

Reference	Source	Link	Tags
oss-security - CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()	af854a3a-2127-422b-91ae-364da2661108	www.openwall.com	Exploit, Mailing List, Third Party Advisory
[SECURITY] Fedora 38 Update: glibc-2.37-18.fc38 - package-announce - Fedora Mailing-Lists	af854a3a-2127-422b-91ae-364da2661108	lists.fedoraproject.org	Mailing List
cert-portal.siemens.com/productcert/html/ssa-082556.html	0b142b55-0307-4c5a-b3c9-f314f3fb7c5e	cert-portal.siemens.com
[SECURITY] Fedora 39 Update: glibc-2.38-16.fc39 - package-announce - Fedora Mailing-Lists	af854a3a-2127-422b-91ae-364da2661108	lists.fedoraproject.org	Mailing List
glibc syslog() Heap-Based Buffer Overflow ≈ Packet Storm	af854a3a-2127-422b-91ae-364da2661108	packetstormsecurity.com	Exploit, Third Party Advisory, VDB Entry
glibc: Multiple Vulnerabilities (GLSA 202402-01) — Gentoo security	af854a3a-2127-422b-91ae-364da2661108	security.gentoo.org	Third Party Advisory
glibc qsort() Out-Of-Bounds Read / Write ≈ Packet Storm	af854a3a-2127-422b-91ae-364da2661108	packetstormsecurity.com	Exploit, Third Party Advisory, VDB Entry
security.netapp.com/advisory/ntap-20240216-0007	af854a3a-2127-422b-91ae-364da2661108	security.netapp.com
Full Disclosure: Out-of-bounds read & write in the glibc's qsort()	af854a3a-2127-422b-91ae-364da2661108	seclists.org	Exploit, Third Party Advisory
Full Disclosure: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()	af854a3a-2127-422b-91ae-364da2661108	seclists.org	Exploit, Third Party Advisory
www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt	af854a3a-2127-422b-91ae-364da2661108	www.qualys.com	Exploit, Third Party Advisory
cve-details	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
2249053 – (CVE-2023-6246) CVE-2023-6246 glibc: heap-based buffer overflow in __vsyslog_internal()	af854a3a-2127-422b-91ae-364da2661108	bugzilla.redhat.com	Issue Tracking, Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: Red Hat would like to thank Qualys Threat Research Unit for reporting this issue. (en)

Additional Advisory Data

Source	Time	Event
CNA	2023-11-06T00:00:00.000Z	Reported to Red Hat.
CNA	2024-01-30T00:00:00.000Z	Made public.

Legacy QID Mappings

200092 Ubuntu Security Notification for GNU C Library Vulnerabilities (USN-6620-1)
284891 Fedora Security Update for glibc (FEDORA-2024-07597a0fb3)
285008 Fedora Security Update for glibc (FEDORA-2024-aec80d6e8a)
379329 GNU C Library Multiple Vulnerabilities
6000458 Debian Security Update for glibc (DSA 5611-1)
6140307 AWS Bottlerocket Security Update for glibc (GHSA-cq5g-4jj8-qrp4)
710851 Gentoo Linux glibc Multiple Vulnerabilities (GLSA 202402-01)