- Vulnerability/
- USN-6620-1
USN-6620-1: GNU C Library vulnerabilities
First published: Thu Feb 01 2024(Updated: )
It was discovered that the GNU C Library incorrectly handled the syslog() function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libc6 | <2.38-1ubuntu6.1 | 2.38-1ubuntu6.1 |
| Ubuntu | =23.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-6620-1?
The severity of USN-6620-1 is high due to the potential for local code execution and privilege escalation.
How do I fix USN-6620-1?
To fix USN-6620-1, update the GNU C Library package to version 2.38-1ubuntu6.1 on Ubuntu 23.10.
Which systems are affected by USN-6620-1?
USN-6620-1 affects Ubuntu 23.10 systems that use libc6 version prior to 2.38-1ubuntu6.1.
Can USN-6620-1 be exploited remotely?
No, USN-6620-1 requires local access to the system to exploit the vulnerability.
What does USN-6620-1 involve in terms of security risks?
USN-6620-1 involves risks of arbitrary code execution which can lead to privilege escalation on the affected system.
- agent/title
- agent/references
- agent/last-modified-date
- agent/severity
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu
- version/ubuntu/23.10