A vulnerability called Looney Tunables was recently exposed, with the tracking number CVE-2023-4911, and mainstream Linux distributions including Debian 12/13, Ubuntu 22.04/23.04 and Fedora 37/38 have been affected.
This vulnerability exists in the GNU C library dynamic loader. A local attacker can use this vulnerability to create a buffer overflow and gain root privileges.
An attacker can use the GLIBC_TUNABLES environment variable triggered by the ld. so the dynamic loader executes arbitrary code with root privileges when installing files with SUID permissions.
Qualys disclosed the vulnerability on Tuesday, and several security researchers have released proof-of-concept (PoC) exploit code for certain system configurations.
Independent security researcher Peter Geissler (blast) released PoC code earlier today and confirmed that it is possible to attack Linux distributions.
