VDB
DEBIAN-CVE-2023-6780
DEBIAN-CVE-2023-6780
PUBLISHED
CVSS 5.300000190734863 MEDIUM
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | glibc | 2.36-9+deb12u1, *, 2.36-9+deb12u2 |
| Debian:13 | glibc | 0, 0, 0 |
| Debian:14 | glibc | 0, 0, 0 |
Timeline
- Jan 31, 2024 CVE Published
- Apr 28, 2026 CVE Updated