Several Linux distributions are at risk of exploits due to a vulnerability discovered in the GNU C Library dynamic loader. This is according to several proof-of-concepts from security specialists.
Recently, security specialists at Qualys’ Threat Research Unit discovered a critical vulnerability in the GNU C Library dynamic loader. The vulnerability dubbed CVE-2023-4911 is a buffer overflow that can cause hackers to gain root privileges in several well-known Linux distributions.
Loony Tunables
The vulnerability, named Loony Tunables, can be triggered when hackers run a malicious GLIBC_TUNABLES environment variable through the ld.so dynamic loader. They can then run arbitrary code with root privileges by launching binaries with SUID permissions.
Multiple proof-of-concepts
After the publication of this vulnerability, security specialists set to work creating proof-of-concepts to see what the implications of CVE-2023-4911 are. This showed that several Linux distributions are vulnerable.
The exploits created have been successfully tested against Debian versions 12 and 13, Ubuntu versions 22.04 and 23.04, and Fedora versions 37 and 38. The specialists have also developed further successful exploits based on the vulnerability that can attack other Linux versions.
Admins are urged to act quickly against this vulnerability and update their Linux distros quickly.
Also read: Hundreds of thousands of mail servers vulnerable due to Exim bug
2 days ago
