A new Linux vulnerability known as 'Looney Tunables' enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.
the vulnerability has existed since its introduction in April 2021, putting a significant number of systems at risk
Follow
Qualys TRU has demonstrated successful exploitation of this vulnerability on default installations of several Linux distributions, including Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13