vulnerability
VMware Photon OS: CVE-2023-6779
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:P/A:C) | Jan 31, 2024 | Jan 20, 2025 | Feb 4, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:C)
Published
Jan 31, 2024
Added
Jan 20, 2025
Modified
Feb 4, 2025
Description
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
Solution
vmware-photon_os_update_tdnf

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.