Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
GNU C Library 日志信息泄露漏洞
Vulnerability Description
GNU C Library(glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library (glibc) 2.36版本存在安全漏洞,该漏洞源于当syslog函数被传递一个大于1024字节的精心设计的输入字符串时,它会从堆中读取未初始化的内存并将其打印到目标日志文件中,这可能会暴露堆中的部分内容。
CVSS Information
N/A
Vulnerability Type
N/A