Glibc ld.so Vulnerability Enables System Root Access

Qualys has disclosed a dangerous vulnerability (CVE-2023-4911) in ld.so, the dynamic loader that ships as part of the GNU C Library (glibc). The bug is a buffer overflow in the loader's parsing of the GLIBC_TUNABLES environment variable (Qualys calls it "Looney Tunables"), and it allows a local user to escalate privileges by supplying specially crafted data in that variable. It is triggered when a SUID-root executable such as /usr/bin/su is run, because the loader processes the variable before the program's own code gets control.

Successful exploitation has been demonstrated on Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13, and other distributions that use glibc are presumed to be affected as well. The flaw was introduced in glibc 2.34 (April 2021), so releases older than that are not affected. Distributions built on the musl C library, such as Alpine Linux, are not affected either. The fix was committed to glibc on October 2. Package updates can be tracked on the security pages of the respective distributions: Debian, Ubuntu, RHEL, openSUSE, Fedora, Gentoo, and
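A quick way to tell whether an installed glibc still has the bug, as an added example that is not part of the original article: the script below wraps the crash trigger published in the Qualys advisory. It runs a SUID-root binary (by default /usr/bin/su, an assumed path) with a GLIBC_TUNABLES value of the form name=name=value; a vulnerable ld.so dies with SIGSEGV before su's own code runs, while a patched loader (or a pre-2.34 one) simply prints su's help text. The function name, messages and return codes are this example's own conventions.

```shell
#!/bin/sh
# Added example (not from the article or from glibc): probe for CVE-2023-4911
# using the reproducer from the Qualys advisory. It only crashes a vulnerable
# loader; it does not attempt privilege escalation.
#
# Usage: check_looney_tunables [path-to-suid-root-binary]
# Prints one line and returns 1 = vulnerable, 0 = not vulnerable, 2 = skipped.

check_looney_tunables() {
    bin="${1:-/usr/bin/su}"   # assumed default; any SUID-root binary works

    if [ ! -x "$bin" ]; then
        echo "skip: $bin not found or not executable"
        return 2
    fi
    # The overflowing copy only happens in the loader's secure (AT_SECURE)
    # path, so probing a non-setuid binary proves nothing.
    if [ ! -u "$bin" ]; then
        echo "skip: $bin is not setuid, the vulnerable code path is not reached"
        return 2
    fi

    # 8 KiB filler variable taken from the published reproducer; it shifts
    # the loader's early heap layout so the out-of-bounds write faults reliably.
    pad=$(printf '%08192d' 1)

    # name=name=value: the malformed tunable that triggers the overflow.
    # --help makes su exit without prompting when the loader survives.
    env -i "GLIBC_TUNABLES=glibc.malloc.mxfast=glibc.malloc.mxfast=A" \
           "Z=$pad" "$bin" --help >/dev/null 2>&1
    status=$?

    # POSIX shells report a child killed by a signal as 128+signo; 139 = SIGSEGV.
    if [ "$status" -eq 139 ]; then
        echo "vulnerable: $bin crashed (SIGSEGV) on malformed GLIBC_TUNABLES"
        return 1
    fi
    echo "not vulnerable: $bin exited with status $status"
    return 0
}

# When run as a script, probe the given (or default) binary and exit with its status.
check_looney_tunables "$@"
```

On a vulnerable host the shell usually also prints "Segmentation fault" to its stderr; on a patched host the probe is harmless, since su just prints its usage and exits. A result of 0 on a glibc older than 2.34 is expected, as that code path did not exist yet.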
