A new Linux security vulnerability dubbed Looney Tunables has been learned in the GNU C library’s ld.so dynamic loader that, if productively exploited, could lead to a local privilege escalation and permit a risk actor to gain root privileges.
Tracked as CVE-2023-4911 (CVSS score: 7.8), the issue is a buffer overflow that resides in the dynamic loader’s processing of the GLIBC_TUNABLES natural environment variable. Cybersecurity company Qualys, which disclosed details of the bug, reported it was released as a code commit created in April 2021.
The GNU C library, also referred to as glibc, is a core library in Linux-based devices that provides foundational options these types of as open, go through, write, malloc, printf, getaddrinfo, dlopen, pthread_develop, crypt, login, and exit.
glibc’s dynamic loader is a critical element which is accountable for planning and working courses, which include finding the essentially shared item dependencies expected as nicely as loading them into memory and linking them at runtime.
The vulnerability impacts major Linux distributions like Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13, even though other distributions are likely to be susceptible and exploitable. Just one notable exception is Alpine Linux, which makes use of the musl libc library as a substitute of glibc.
“The existence of a buffer overflow vulnerability in the dynamic loader’s dealing with of the GLIBC_TUNABLES atmosphere variable poses important threats to a lot of Linux distributions,” Saeed Abbasi, solution supervisor at Qualys Risk Investigate Unit, stated.
“This atmosphere variable, meant to high-quality-tune and improve programs joined with glibc, is an critical resource for developers and technique directors. Its misuse or exploitation broadly influences technique general performance, dependability, and security.”
An advisory issued by Pink Hat states that a area attacker could exploit the shortcoming to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID authorization to execute code with elevated privileges.
It has also delivered temporary mitigation that, when enabled, terminates any setuid system invoked with GLIBC_TUNABLES in the ecosystem.
Looney Tunables is the newest addition to a growing list of privilege escalation flaws that have been discovered in Linux in the latest years, counting CVE-2021-3156 (Baron Samedit), CVE-2021-3560, CVE-2021-33909 (Sequoia), and CVE-2021-4034 (PwnKit), that could be weaponized to get elevated permissions.
Uncovered this report intriguing? Comply with us on Twitter and LinkedIn to read through a lot more distinctive written content we write-up.
Some parts of this article are sourced from:
thehackernews.com