+++
title = "20240131"
# description = ""
date = 2024-01-31
# updated = 2024-01-31
[taxonomies]
tags = ["shortnotes"]
+++

Signal boosting this in case someone *hasn't* seen it: 
there's a new flat in glibc (one of, if not *the*, most common library on Linux) that allows local privilege escalation.
The latest versions of Fedora, Debian, and Ubuntu are all affected so update if you can.

Relevant links:
- [https://www.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/](https://www.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/)
- [https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt](https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt)