Debian Security Advisory 5611-1

Debian Linux Security Advisory 5611-1 - The Qualys Research Labs discovered several vulnerabilities in the GNU C Library's __vsyslog_internal() function (called by syslog() and vsyslog()). A heap-based buffer overflow (CVE-2023-6246), an off-by-one heap overflow (CVE-2023-6779) and an integer overflow (CVE-2023-6780) can be exploited for privilege escalation or denial of service.

advisory buffer buffer overflow called can cve cve-2023-6246 debian debian linux security denial of service escalation exploited function gnu integer integer overflow labs library linux linux security overflow privilege privilege escalation qualys research research labs security security advisory service syslog vulnerabilities