CVE-2023-4911
Description
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Severity: HIGH
CVE ID: CVE-2023-4911
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Green-Avocado
leesh3288
PoC for CVE-2023-4911
Refrence: GitHub
RickdeJager
CVE-2023-4911 proof of concept
Refrence: GitHub
xiaoQ1z
Refrence: GitHub
silent6trinity
CVE-2023-4911
Refrence: GitHub
hadrian3689
Refrence: GitHub
ruycr4ft
CVE-2023-4911
Refrence: GitHub
guffre
PoC for CVE-2023-4911 LooneyTuneables
Refrence: GitHub
chaudharyarjun
Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.
Refrence: GitHub
KernelKrise
Looney Tunables Local privilege escalation (CVE-2023-4911) workshop
Refrence: GitHub
Diego-AltF4
Proof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit
Refrence: GitHub
teraGL
Looney Tunables CVE-2023-4911
Refrence: GitHub
snurkeburk
PoC of CVE-2023-4911
Refrence: GitHub
puckiestyle
Refrence: GitHub
yanfernandess
Refrence: GitHub
NishanthAnand21
Repository containing a Proof of Concept (PoC) demonstrating the impact of CVE-2023-4911, a vulnerability in glibc's ld.so dynamic loader, exposing risks related to Looney Tunables.
Refrence: GitHub