CVE-2023-4911 has been discovered in the GNU C library ld.so dynamic loader that can be exploited to give bad actors root privileges on major Linux distributions.

This vulnerability resides in the glibc dynamic loader and can be exploited in the processing of the GLIBC_TUNABLES environment variable. This flaw was discovered and originally reported by Qualys.

The dynamic loader defines system calls and other functionalities such as open, malloc, printf, and exit. This crucial component of glibc examines a program (when it is initiated) and determines the shared libraries it requires. The dynamic loader then searches for the libraries, loads them into memory, and links them to the program at runtime.

The GLIBC_TUNABLES environment variable was added to glibc to give users the capability of modifying the library's runtime behavior. Qualys discovered the presence of a buffer overflow flaw that poses a serious threat to all major Linux distributions.

If affected, a threat actor could gain root privileges and wreak havoc on a system. Distributions such as Debian 12 and 13, Ubuntu 22.04 and 23.04, and Fedora 37 and 38 are all affected.

This vulnerability should be taken seriously and admins are encouraged to patch immediately.