Exploits released for Linux flaw giving root on major distros
05-Oct-23
Proof-of-concept exploits for a high-severity issue in GNU C Library’s dynamic loader have already leaked online, allowing local attackers to gain root capabilities on key Linux distributions. When launching binaries with SUID authorization, attackers can use a maliciously engineered GLIBC_TUNABLES environment variable processed by the ld.so dynamic loader to gain arbitrary code execution with root capabilities.
This security vulnerability, dubbed ‘Looney Tunables’ and tagged as CVE-2023-4911, is caused by a buffer overflow flaw that affects default installations of Debian 12 and 13, Ubuntu 22.04 and 23.04, and Fedora 37 and 38. Several security researchers have already published proof-of-concept (PoC) exploit code that works for specific system configurations since Qualys’ Threat Research Unit disclosed it on Tuesday.
