A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability in the dynamic loader’s processing of the GLIBC_TUNABLES environment variable. To exploit it, attackers first need to establish access to the system. “The GNU C Library, commonly known as glibc, is the C library in the … More

The post “Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) appeared first on Help Net Security.