Loonytunables Linux Vulnerability


October is cyber security awareness month and even though the subject may always seem highly complicated and overwhelming the goal is to remind everyone there are many ways to improve your privacy and security. As we all know though that isnt always enough unfortunately. You may use 2fa and generated passwords but that doesn't protect against everything. You may even be a fellow Linux user, an open source UNIX based operating system that is usually considered a more security focused, but alas nothing is 100%.

Unveiling the Exploit

A surprisingly simple exploit was found in Linux systems. A buffer overflow vulnerability was found in the GNU C libraries dynamic loader (initializes and executes programs) in Linux distributions Fedora, Ubuntu, Debian and those based off of them.  The exploit could affect other distributions as well but one that isn't affected is Alpine because it uses libc vs glibc so it just depends. Basically the vulnerability can give attackers the ability to enable local privilege escalation granting root access. (Control over the whole system😱) This can be done when an attacker injects malicious code into the 'GLIBC_TUNABLES` environment variable and when binaries are ran with SUID permission the attacker can then run said malicious code. The company that discovered and released this vulnerability is Qualys threat research unit a popular research company. It was reported to secalert@redhat on 9/04/2023. On 9/19/2023 a patch sent to linux-distros@openwall and finally the coordinated release was 3/10/2023.The flaw in the system that allowed this is actually from an update on April 2021, the release of glibc 2.34. 

The Fix

The fix? Well you can either simply update your system or if for some reason you cant you can use a systemtap script which will terminate any setuid program that was invoked with 'GLIBC_TUNABLES` and you'll be good to go, it can be found on Qualys website. Regardless of the now fixed exploit popping up I gotta say switching to linux from windows or mac in my opinion is well worth it but that's a whole other story I'll have get into sometime maybe. The full write up and proof of concept of Qualys work can be found here. Thanks for reading.

How do you rate this article?

3


comosaycomosah
comosaycomosah

Heller! Was never much of a writer but decided to try my hand at blogging regularly about things I'm interested in like crypto, web3, trading, programming, linux, open source, cyber security and just general ramblings lol. Follow me @comosaycomosah 🙏


Cryptocurrency and opensource
Cryptocurrency and opensource

Exploring free and open source products in the cryptocurrency space.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.