Skip to content

daniele-capone/CVE-2023-4911

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

PoC of CVE-2023-4911 "Looney Tunables"

This is a PoC of CVE-2023-4911 (a.k.a. "Looney Tunables") exploiting a bug in glibc dynamic loader's GLIBC_TUNABLES environment variable parsing function parse_tunables().

Code has been tested on Ubuntu 22.04.3 with glibc version 2.35-0ubuntu3.3. No attempts have been made to generalize the PoC (read: "Works On My Machine"), so your mileage may vary.

As always, big kudos to the Qualys Threat Research Unit for the discovery of the vulnerability and for the very detailed writeup.


Written by Xion of KAIST Hacking Lab

About

PoC for CVE-2023-4911

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 87.0%
  • Python 8.9%
  • Makefile 4.1%