A newly discovered heap-based buffer overflow in glibc's `__vsyslog_internal()` function, which is called by `syslog()` and `vsyslog()`, poses a significant security risk. Identified as CVE-2023-6246, this vulnerability was inadvertently introduced in glibc version 2.37 and backported to 2.36.

**Impact:**

- Allows for Local Privilege Escalation to root from an unprivileged user.
- Affects common distributions like Debian 12 & 13, Ubuntu 23.04 & 23.10, and Fedora 37 to 39.
- Requires local network access; remote exploitation is highly unlikely.

**Mitigation:**

- Review and apply necessary patches immediately.
- Monitor system logs for unusual activities.