Fortra’s Alert Logic is actively researching a new local privilege escalation vulnerability, nicknamed “Looney Tunables”, in GNU C Library. This vulnerability, CVE-2023-4911, could allow an attacker to exploit a buffer overflow in the GNU C Library’s dynamic loader and gain root permission on a Linux installation.
A buffer overflow was discovered in GNU C Library’s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. By exploiting this issue, a local attacker could use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Alert Logic Coverage
Vulnerability Scanning: Alert Logic has released coverage for Linux distributions on internal authenticated scans.
Recommendations for Mitigation
Distros have released patches to remediate this vulnerability. It is recommended to apply updates as soon as possible.
For more information, refer to the Red Hat security advisory.
This section will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available. To follow updates for this vulnerability, click FOLLOW at the top of this article. You must be signed into the Support Center using your Alert Logic product credentials to follow this article.