
New Linux glibc flaw lets attackers get root on major distros
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc).
www.bleepingcomputer.com
https://m.boannews.com/html/detail.html?idx=126321

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog() | Qualys Security Blog
The Qualys Threat Research Unit (TRU) has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment.
blog.qualys.com
glibc의 __vsyslog_internal 함수가 원인
heap-based buffer overflow 이용해서 루트계정 탈취에 쓰일 수 있었다함
문제가 될 수 있는 배포판들은 Debian 12, 13 / Ubuntu 23.04, 23.10 / Fedora 37, 39
그래도 어찌저찌 보안패치는 끝낸듯하고 1/30에 공표
riir이 필요한 이유
ㄹㅇ
ㄹㅇㅋㅋ
그누 수듄 ㅉㅉ
취약해져버렷