Skip to content
/ POC_CVE4911 Public

PoC exploits are not meant to cause harm, but to show security weaknesses within software. Identifying issues allows companies to patch vulnerabilities and protect itself against attacks

www.x.com/0xb4k3d
0 stars 0 forks Branches Tags Activity
Star
Notifications

b4k3d/POC_CVE4911

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

Makefile

Makefile

 
 

README.md

README.md

 
 

exp.c

exp.c

 
 

gen_libc.py

gen_libc.py

 
 

Repository files navigation

PoC of CVE-2023-4911 "Looney Tunables"

This is a PoC of CVE-2023-4911 (a.k.a. "Looney Tunables") exploiting a bug in glibc dynamic loader's GLIBC_TUNABLES environment variable parsing function parse_tunables().

Code has been tested on Ubuntu 22.04.3 with glibc version 2.35-0ubuntu3.3. No attempts have been made to generalize the PoC so your mileage may vary. kudos to [Qualys Threat Research Unit]

Written by b4k3d

| _ ) | || ||__ / \ | _ _ | / /| \ |) | |/ |||__/_/

About

PoC exploits are not meant to cause harm, but to show security weaknesses within software. Identifying issues allows companies to patch vulnerabilities and protect itself against attacks

www.x.com/0xb4k3d

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages