Updated: 2025-02-07 20:01:43.415698
Description:
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
Links | NIST | CIRCL | RHEL | Ubuntu |
CVSS version | Severity | Score |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | MEDIUM | 5.3 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | glibc | 2.34 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:39 | |
CentOS 6 ELS | glibc | 2.12 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:44 | |
CentOS 8.4 ELS | glibc | 2.28 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:39 | |
CentOS 8.5 ELS | glibc | 2.28 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:44 | |
CloudLinux 6 ELS | glibc | 2.12 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:39 | |
Oracle Linux 6 ELS | glibc | 2.12 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 04:08:39 | |
Ubuntu 16.04 ELS | glibc | 2.23-0 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 10:08:32 | |
Ubuntu 18.04 ELS | glibc | 2.27-3 | 5.3 | MEDIUM | Not Vulnerable | | 2024-02-12 10:08:32 | |