Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2023-4911
PUBLISHEDGlibc: buffer overflow in ld.so leading to privilege escalation
- Vendor
- , Red Hat
- Product
- , Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7
- Published
- Oct 03, 2023
- EPSS
- —
Description
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVSS scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation status
Exploited in the wild
Recorded 2023-11-21 00:00:00 UTC · Source
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- total
References
- https://access.redhat.com/errata/RHSA-2023:5453
- https://access.redhat.com/errata/RHSA-2023:5454
- https://access.redhat.com/errata/RHSA-2023:5455
- https://access.redhat.com/errata/RHSA-2023:5476
- https://access.redhat.com/errata/RHSA-2024:0033
- https://access.redhat.com/security/cve/CVE-2023-4911
- https://bugzilla.redhat.com/show_bug.cgi?id=2238352
- https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
- https://www.qualys.com/cve-2023-4911/
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Nov 21, 2023 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/glibc_tunables_priv_esc.rb | Apr 28, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2024-01-20 18:47:07 UTC · 2 stars
Repository containing a Proof of Concept (PoC) demonstrating the impact of CVE-2023-4911, a vulnerability in glibc's ld.so dynamic loader, exposing risks related to Looney Tunables.
github · Created 2024-01-19 18:20:05 UTC · 2 stars
github · Created 2023-12-23 11:54:40 UTC · 0 stars
github · Created 2023-10-28 20:05:30 UTC · 8 stars
Proof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit
github · Created 2023-10-25 11:59:34 UTC · 11 stars
Looney Tunables Local privilege escalation (CVE-2023-4911) workshop
github · Created 2023-10-10 22:04:23 UTC · 27 stars
github · Created 2023-10-08 03:26:24 UTC · 1 stars
github · Created 2023-10-04 14:32:49 UTC · 168 stars
CVE-2023-4911 proof of concept
github · Created 2023-10-04 11:58:58 UTC · 14 stars
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
Detected by Metasploit