Source: heimdalsecurity.com – Author: Cristian Neagu
On the majority of Linux distributions, proof-of-concept attacks for a high-severity vulnerability in the dynamic loader of the GNU C Library have previously been made public online.
Details About the Vulnerability
The security vulnerability is known as “Looney Tunables” and is tracked as CVE-2023-4911. The vulnerability occurs due to a buffer overflow weakness, and it affects default installations of Debian 12 and 13, Ubuntu 22.04 and 23.04, and Fedora 37 and 38.
Attackers can use it to start programs with SUID permission and get root privileges by exploiting the GLIBC_TUNABLES environment variable that is processed by the ld.so dynamic loader. Several security researchers have already published proof-of-concept (PoC) exploit codes that works for some system configurations.
Independent security researcher Peter Geissler (blasty) published one of these PoC exploits earlier today. Will Dormann, a vulnerability and exploit expert, had already verified that it worked.
Although his attack can only be used against a select few targets, the proof-of-concept (PoC) also contains instructions on how to add more by figuring out a feasible offset for each system’s ld.so dynamic loader.
Administrators are recommended to act promptly due to the significant threat posed by the security flaw, which if exploited successfully grants complete root access to systems running the latest releases of widely used Linux platforms, including Ubuntu, Debian, and Fedora.
Fight Vulnerabilities Effectively With Heimdal®
Keeping up with the newest vulnerabilities in today’s cybersecurity landscape can be challenging, especially for organizations that still rely on manual patch management processes.
An automated patch management solution, such as Heimdal®’s Patch & Asset Management software will make your patch management process both easier and more efficient.
Our patch management solution is a fully automated, customizable solution made to be used for Windows, Linux, and macOS machines, and can also distribute and install patches from third-party apps and even proprietary apps, all remotely, at any time.
Automate your patch management routine.
Heimdal® Patch & Asset Management Software
Remotely and automatically install Windows, Linux and 3rd party application updates and manage your software inventory.
- Schedule updates at your convenience;
- See any software assets in inventory;
- Global deployment and LAN P2P;
- And much more than we can fit in here…
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
If you liked this post, you will enjoy our newsletter.
Get cybersecurity updates you’ll actually want to read directly in your inbox.
Original Post URL: https://heimdalsecurity.com/blog/poc-exploits-released-for-major-linux-flaw/
Category & Tags: Cybersecurity News – Cybersecurity News
