@linux on Linux.Community @linux.community nkukard @linux.community 11mo ago

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so | Qualys Security Blog

blog.qualys.com CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so | Qualys Security Blog

The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES environment variable.

Hacker News @derp.foo haxor @derp.foo

BOT

11mo ago

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

blog.qualys.com /vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so

1 0

2 comments

Has anyone tried the POC's for this on their systems? Just curious as to your success rate. I've been running 3 slightly difference POC's for the past 4 days and I'm still yet to drop to root on any of the 3 systems I'm trying on.
- @nkukard No, we haven't tried yet. :-)