Linux Distributions on Alert as "Looney Tunables" Vulnerability Threatens Root Access

Category: Vulnerability | Industry: Global | Sources: BleepingComputer & Qualys

A critical vulnerability residing within the GNU C Library's dynamic loader is revealed by the Qualys Threat Research Unit (TRU). This vulnerability specifically affects the processing of the GLIBC_TUNABLES environment variable. In Qualys' report, Qualys Product Manager, Saeed Abbasi explains the vulnerability tracked as CVE-2023-4911 enables local privilege escalation, ultimately granting full root privileges on affected systems. "Our successful exploitation, leading to full root privileges on major distributions like Fedora, Ubuntu, and Debian, highlights this vulnerability’s severity and widespread nature,” Abbasi warns in the report. While no exploit code has been released, Abbasi cautions “the ease with which the buffer overflow can be transformed into a data-only attack," this warning has materialized, as security researcher Peter Geissler (@bl4sty) publicly disclosed a functional exploit on Thursday, October 5th, 2023.

This flaw has been identified in default installations of various Linux distributions, including Fedora 37 and 38, Ubuntu 22.04 and 23.04, as well as Debian 12 and 13. Additional distributions are "likely" in scope as well, however, one exception found is the Alpine Linux distribution.