Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Looney Tunables (CVE-2023-4911) LPE #18429

Closed
h00die opened this issue Oct 6, 2023 · 1 comment · Fixed by #18541
Closed

Looney Tunables (CVE-2023-4911) LPE #18429

h00die opened this issue Oct 6, 2023 · 1 comment · Fixed by #18541
Assignees
@jheysel-r7
Labels
suggestion-module New module suggestions

Comments

@h00die
Copy link
Contributor

h00die commented Oct 6, 2023

Summary

New glibc exploit, should work for many linuxes. https://www.bleepingcomputer.com/news/security/exploits-released-for-linux-flaw-giving-root-on-major-distros/

Basic example

https://haxx.in/files/gnu-acme.py (not reviewed)
@h00die h00die added the suggestion-module New module suggestions label Oct 6, 2023
@jvoisin
Copy link
Contributor

jvoisin commented Oct 6, 2023

Other PoC:

@jheysel-r7 jheysel-r7 self-assigned this Oct 23, 2023
@jheysel-r7 jheysel-r7 moved this to In Progress in Metasploit Kanban Oct 23, 2023
@jheysel-r7 jheysel-r7 moved this from In Progress to Todo in Metasploit Kanban Nov 3, 2023
@jheysel-r7 jheysel-r7 moved this from Todo to In Progress in Metasploit Kanban Nov 13, 2023
@jheysel-r7 jheysel-r7 moved this from In Progress to Todo in Metasploit Kanban Nov 20, 2023
@jheysel-r7 jheysel-r7 linked a pull request Dec 15, 2023 that will close this issue
Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) #18541
Merged
@github-project-automation github-project-automation bot moved this from Todo to Done in Metasploit Kanban Dec 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jheysel-r7 jheysel-r7

Labels
suggestion-module New module suggestions
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) jheysel-r7/metasploit-framework
3 participants
@jvoisin @h00die @jheysel-r7