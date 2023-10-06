Researchers are urging security teams to prioritize the patching of a buffer overflow flaw in GNU C Library (glibc) that is what they call “a pressing concern” for numerous Linux distributions.

Glibc, which is the C library implementation in the GNU system, defines system calls and other basic functionalities and exists in most systems running the Linux kernel. This flaw is severe due to both its impact and the extensive use of glibc across Linux distributions. If exploited, the flaw could allow local attackers to gain full root access on popular Linux platforms, and researchers with Qualys said they have identified the flaw on the default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13.

In a coordinated effort on Wednesday, multiple platforms released patches for the flaw, including Debian, Ubuntu and Red Hat. Qualys said it has held on publishing proof-of-concept (PoC) exploit code on the flaw, but several other security researchers have released their own exploit code.