Update Your Linux Installation to Fix ‘Looney Tunables’ Flaw

The world's major Linux distros have released patches to address a security flaw impacting nearly all of them....
Update Your Linux Installation to Fix ‘Looney Tunables’ Flaw
Written by Matt Milano
  • The world’s major Linux distros have released patches to address a security flaw impacting nearly all of them.

    “Looney Tunables” is a GNU C Library (glibc) privilege escalation exploit that grants local users full root access. The flaw was discovered by security researchers at Qualys. Because of glibc’s widespread use, the vast majority of distributions are affected by this particular flaw, according to Saeed Abbasi, Product Manager – Threat Research Unit:

    We have successfully identified and exploited this vulnerability (a local privilege escalation that grants full root privileges) on the default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13. It’s likely that other distributions are similarly susceptible, although we’ve noted that Alpine Linux remains an exception due to its use of musl libc instead of glibc. This vulnerability was introduced in April 2021.

    Abbasi says the vulnerability poses “significant risks” to Linux distributions and their users:

    Our successful exploitation, leading to full root privileges on major distributions like Fedora, Ubuntu, and Debian, highlights this vulnerability’s severity and widespread nature. Although we are withholding our exploit code for now, the ease with which the buffer overflow can be transformed into a data-only attack implies that other research teams could soon produce and release exploits. This could put countless systems at risk, especially given the extensive use of glibc across Linux distributions. While certain distributions like Alpine Linux are exempt due to their use of musl libc instead of glibc, many popular distributions are potentially vulnerable and could be exploited in the near future.

    Fortunately, Debian, Gentoo, Ubuntu, and Red Hat have already patched the issue. Needless to say, users should update immediately.

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit