CVE-2023-4911CISA KEV: Actively Exploited

GNU C Library Buffer Overflow Vulnerability

Published Nov 21, 2023·Updated Nov 21, 2023

Description

GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.

Public Exploits & PoCs19 found

PoC: CVE-2023-4911

PoC for CVE-2023-4911

56

PoC: CVE-2023-4911

PoC for CVE-2023-4911

10

PoC: CVE-2023-4911

CVE-2023-4911 proof of concept

6

PoC: CVE-2023-4911

Proof of concept for CVE-2023-4911(Looney Tunables) discovered by Qualys Threat Research Unit

1

PoC: CVE-2023-4911

CVE-2023-4911

1

[POC] MAL-2026-2307 — cve-2023-4911-exploit-optimized

Pure C exploit for CVE-2023-4911 (Looney Tunables). No Python required. Features multi-processing brute-forcing, dynamic calibration, and integrated ELF parser.

PoC: CVE-2023-4911-Exploit

CVE-2023-4911 exploit

PoC: CVE-2023-4911

CVE-2023-4911-Looney-Tunables

PoC: CVE-2023-4911-PoC

Repository containing a Proof of Concept (PoC) demonstrating the impact of CVE-2023-4911, a vulnerability in glibc's ld.so dynamic loader, exposing risks related to Looney Tunables.

PoC: Looney-Tunables

PoC of CVE-2023-4911

PoC: CVE-2023-4911-Looney-Tunables

Privilege Escalation - Heap Buffer Overflow Vulnerability

PoC: looneyCVE

Looney Tunables CVE-2023-4911

PoC: CVE-2023-4911

Looney Tunables Local privilege escalation (CVE-2023-4911) workshop

PoC: Looney-Tunables-LPE-workshop-CVE-2023-4911-

CVE-2023-4911 (Looney Tunables) explained

PoC: LooneyPwner

Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.

PoC: CVE-2023-4911

PoC for CVE-2023-4911 LooneyTuneables

PoC: looney-tuneables

CVE-2023-4911

PoC: CVE-2023-4911-Looney-Tunables-

A Critical glibc Vulnerability

PoC: CVE-2023-4911-PoC

https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free