UBUNTU-CVE-2023-6780

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2023-6780

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-6780.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-6780

Upstream

CVE-2023-6780

Related

USN-6620-1

Published

2024-01-31T00:00:00Z

Modified

2025-09-08T16:56:01Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

An integer overflow was found in the _vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

References

Affected packages

Ubuntu:24.04:LTS / glibc

Package

Name: glibc
Purl: pkg:deb/ubuntu/glibc@2.39-0ubuntu1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.39-0ubuntu1

Affected versions

2.*

2.38-1ubuntu6

2.38-3ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "glibc-source",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc-bin",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc-dev-bin",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc-devtools",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-amd64",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-dev",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-dev-amd64",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-dev-i386",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-dev-s390",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-dev-x32",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-i386",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-s390",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "libc6-x32",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "locales",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "locales-all",
            "binary_version": "2.39-0ubuntu1"
        },
        {
            "binary_name": "nscd",
            "binary_version": "2.39-0ubuntu1"
        }
    ],
    "availability": "No subscription required"
}