Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
On the majority of Linux distributions, proof-of-concept attacks for a high-severity vulnerability in the dynamic loader of the GNU C Library have previously been made public online.
Details About the Vulnerability
The security vulnerability is known as “Looney Tunables” and is tracked as CVE-2023-4911. The vulnerability occurs due to a buffer overflow weakness, and it affects default installations of Debian 12 and 13, Ubuntu 22.04 and 23.04, and Fedora 37 and 38.
Attackers can use it to start programs with SUID permission and get root privileges by exploiting the GLIBC_TUNABLES environment variable that is processed by the ld.so dynamic loader. Several security researchers have already published proof-of-concept (PoC) exploit codes that works for some system configurations.
Independent security researcher Peter Geissler (blasty) published one of these PoC exploits earlier today. Will Dormann, a vulnerability and exploit expert, had already verified that it worked.
Although his attack can only be used against a select few targets, the proof-of-concept (PoC) also contains instructions on how to add more by figuring out a feasible offset for each system’s ld.so dynamic loader.
Administrators are recommended to act promptly due to the significant threat posed by the security flaw, which if exploited successfully grants complete root access to systems running the latest releases of widely used Linux platforms, including Ubuntu, Debian, and Fedora.
Fight Vulnerabilities Effectively With Heimdal®
Keeping up with the newest vulnerabilities in today’s cybersecurity landscape can be challenging, especially for organizations that still rely on manual patch management processes.
An automated patch management solution, such as Heimdal®’s Patch & Asset Management software will make your patch management process both easier and more efficient.
Our patch management solution is a fully automated, customizable solution made to be used for Windows, Linux, and macOS machines, and can also distribute and install patches from third-party apps and even proprietary apps, all remotely, at any time.
Heimdal® Patch & Asset Management Software
- Schedule updates at your convenience;
- See any software assets in inventory;
- Global deployment and LAN P2P;
- And much more than we can fit in here...
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
