Cybersecurity

The vulnerability Looney Tunables in GlibC is being actively exploited

No Comments2 Mins Read1 Views
The vulnerability Looney Tunables in GlibC is being actively exploited.webp

On October 3, 2023, Qualys revealed details about a high-severity native privilege escalation vulnerability in the GNU C Library (glibc), which is extensively used on Linux programs. This vulnerability (CVE-2023-4911) may permit a neighborhood attacker to realize root privileges.

Solely two days in the past, CISA, the Cybersecurity and Infrastructure Safety Company of the USA, reported that this vulnerability CVE-2023-4911 is actively being exploited.

The GNU C Library defines system calls and different fundamental performance that each one applications that use this language require. Most present Linux distributions use this library to compile their software program packages.

Vulnerability CVE-2023-4911 particulars

The following are the principle particulars of this vulnerability:

  • CVE identifier: CVE-2023-4911.
  • Date revealed: October 3, 2023.
  • Affected software program: glibc.
  • CVSS rating: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (7.8 Excessive).
  • Affected variations: GNU Linux distributions that use a model of the library equal to or later than 2.34 (since April 2021) and sooner than 2.37-r7 in their glibc bundle.
    • Amazon Linux 2023 – Variations sooner than 2023.2.20231002.
    • Debian bookworm – Variations sooner than 2.36-9+deb12u3.
    • Debian bullseye – Variations sooner than 2.31-13+deb11u7.
    • Ubuntu 22.04 – Variations sooner than 2.35-0ubuntu3.4.
    • Ubuntu 23.04 – Variations sooner than 2.37-0ubuntu2.1.
    • Fedora 37 – Variations sooner than glibc-2.36-14.fc37.
    • Fedora 38 – Variations sooner than glibc-2.37-10.fc38.
    • Gentoo – Variations sooner than sys-libs/glibc 2.37-r7.
    • All unsupported Linux distributions may additionally be affected.
  • Exploitation necessities:
    • Execution of code with restricted privileges on the weak system.

Imagen oficial publicada por Qualys con la vulnerabilidad

CVE-2023-4911 mitigation

The major answer is to urgently replace the glibc bundle to the brand new variations obtainable that repair this vulnerability for every distribution.

It is essential to notice that, for this replace to be utilized fully, it is essential to restart the working system. This ensures that each one processes use the up to date library.

Vulnerability detection

The finest solution to establish this vulnerability is primarily based on the glibc bundle variations. As a part of its rising vulnerabilities service, Tarlogic Safety proactively displays the perimeter of its clients to report, detect, and urgently notify the presence of this vulnerability, in addition to different crucial threats that would trigger a critical affect on the safety of their belongings.

References:


Source link
Share.

Related Posts

Leave A Reply

Exit mobile version