Skip to content

Diego-AltF4/CVE-2023-4911

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

Makefile

Makefile

 
 

README.md

README.md

 
 

create-libc.py

create-libc.py

 
 

gdb-script

gdb-script

 
 

xpl.c

xpl.c

 
 

Repository files navigation

Proof of concept for CVE-2023-4911 (Looney Tunables)

This vulnerability has been discovered by Qualys Threat Research. Here you can read the advisory they published, it explains in depth the vulnerability.

The exploit has been tested on Ubuntu 22.04.2 LTS with GLIBC 2.35-0ubuntu3.1.

Testing the exploit

The makefile allows testing the exploit in the following scenarios:

  1. With ASLR disabled (test).
  2. With ASLR enabled (exploit)
  3. Debugging the exploit (debug)

Demo

exploit

Kudos to leesh3288 for his exploit.

About

Proof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit

Resources

Readme
Activity

Stars

8 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages