all InfoSec news
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)
Help Net Security www.helpnetsecurity.com
A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability in the dynamic loader’s processing of the GLIBC_TUNABLES environment variable. To exploit it, attackers first need to establish access to the system. “The GNU C Library, commonly known as glibc, is the C library in the … More
The post …
access attackers buffer buffer overflow buffer overflow vulnerability bug cve debian distributions don't miss dynamic environment environment variable exploited fedora glibc gnu hot stuff library linux linux distributions linux distros loader looney tunables overflow poc popular privileges qualys red hat researchers root root access security update ubuntu variable vulnerability