CVE-2023-4911
HIGHCISA KEVEPSS 100th pctlDescription
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit Intelligence
Very high risk: more likely to be exploited than 100% of all known CVEs.
GNU C Library Buffer Overflow Vulnerability
GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Remediation due: 2023-12-12
References
- https://access.redhat.com/errata/RHSA-2023:5453
- https://access.redhat.com/errata/RHSA-2023:5454
- https://access.redhat.com/errata/RHSA-2023:5455
- https://access.redhat.com/errata/RHSA-2023:5476
- https://access.redhat.com/errata/RHSA-2024:0033
- https://access.redhat.com/security/cve/CVE-2023-4911
- https://bugzilla.redhat.com/show_bug.cgi?id=2238352
- https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
- https://www.qualys.com/cve-2023-4911/
- http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2023/Oct/11
- http://www.openwall.com/lists/oss-security/2023/10/03/2
- http://www.openwall.com/lists/oss-security/2023/10/03/3
- http://www.openwall.com/lists/oss-security/2023/10/05/1
- http://www.openwall.com/lists/oss-security/2023/10/13/11
- http://www.openwall.com/lists/oss-security/2023/10/14/3
- http://www.openwall.com/lists/oss-security/2023/10/14/5
- http://www.openwall.com/lists/oss-security/2023/10/14/6
- https://lists.fedoraproject.org/archives/list/[email protected]/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/
- https://security.gentoo.org/glsa/202310-03
- https://security.netapp.com/advisory/ntap-20231013-0006/
- https://www.debian.org/security/2023/dsa-5514
- https://www.exploit-db.com/exploits/52479
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://cert-portal.siemens.com/productcert/html/ssa-794697.html
- https://cert-portal.siemens.com/productcert/html/ssa-831302.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911
Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-05-12.