**⇄ Σ = Mᄃ² ⇆** @[email protected] · 2023-10-04T02:34:22Z

⇄ Σ = Mᄃ² ⇆ @[email protected]

A new Linux vulnerability known as 'Looney Tunables' enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.

#Linux #CoSoSec

the vulnerability has existed since its introduction in April 2021, putting a significant number of systems at risk

https://access.redhat.com/security/cve/cve-2023-4911

f002981bde7a30ee.png?1696386744

Oct 04, 2023, 02:34 · 1· 1· 3

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Oct 04, 2023, 02:34

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Oct 04, 2023, 02:34

Oct 04, 2023, 02:34

⇄ Σ = Mᄃ² ⇆ @[email protected]

Qualys TRU has demonstrated successful exploitation of this vulnerability on default installations of several Linux distributions, including Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13

https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so#potential-impact-of-looney-tunables

Resources

Developers

What is CounterSocial?

counter.social

More…