{"vulnerability": "CVE-2023-4911", "sightings": [{"uuid": "5e181e0d-1354-47b9-9a17-6eb34de1ef1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-21T18:10:02.000000Z"}, {"uuid": "3db7f3e3-aeab-4226-849c-63dcf0d7f291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/4afe8f7d-ae7a-40d0-868a-7c6878f2a87e", "content": "", "creation_timestamp": "2023-11-07T15:38:29.000000Z"}, {"uuid": "536c941e-87e4-4d0d-85d6-026c70227fe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971926", "content": "", "creation_timestamp": "2024-12-24T20:35:44.062128Z"}, {"uuid": "0447560e-c4f0-4e99-b946-3376ab30ae80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://gist.github.com/tradebot-elastic/0443cfb5016bed103f1940b2f336e45a", "content": "", "creation_timestamp": "2025-01-09T15:31:50.000000Z"}, {"uuid": "1b521eae-3e35-4bde-acce-970cacfeeef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "5e1e9ef3-4f7f-4efb-8618-36c96938e0dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-4911", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:49.000000Z"}, {"uuid": "2c92c863-973d-41be-8ff9-4a61f8f72311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:58.000000Z"}, {"uuid": "9135eb48-f402-4f1f-b266-7bf80296a08c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "f77c0605-3da6-4142-8510-cf5a93bcabdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:50.000000Z"}, {"uuid": "4c50d224-3040-4d64-9770-fd09018ec590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3m3kpzig3zs2i", "content": "", "creation_timestamp": "2025-10-19T16:31:16.569123Z"}, {"uuid": "6469af86-1d4f-4ec8-a3d3-4c31f14d8f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "d1bcf361-0e12-4d9d-8113-c474fb0a0172", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/glibc_tunables_priv_esc.rb", "content": "", "creation_timestamp": "2023-12-20T19:21:40.000000Z"}, {"uuid": "af981cb4-364d-4537-8e1b-10804ad2ab9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/exploitdb-bot.bsky.social/post/3mel7tppqlf2p", "content": "", "creation_timestamp": "2026-02-11T10:01:07.471479Z"}, {"uuid": "74cbdd1f-145a-4d86-b0de-cea8e53f7ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116158292538427831", "content": "", "creation_timestamp": "2026-03-02T07:01:24.244332Z"}, {"uuid": "cf6bcd88-8a03-48ef-b445-24671d23b086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://gist.github.com/Metis-Intel/b94dbfe682c0d50d18e127d4891208cb", "content": "", "creation_timestamp": "2025-12-16T03:39:35.000000Z"}, {"uuid": "88865434-e898-4ccd-a6c0-ebc3b34ec24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"}, {"uuid": "4810dfba-5209-4dfe-b524-f79264fd7abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovccq2tv2k", "content": "", "creation_timestamp": "2026-02-12T21:03:13.190439Z"}, {"uuid": "aa7b1e3c-6d5d-4865-a973-9b01cc5d3f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/97", "content": "\u26a1\ufe0fLooney Tunables: PoC\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/leesh3288/CVE-2023-4911\n\n#cve #exploit #privesc", "creation_timestamp": "2023-10-04T18:19:09.000000Z"}, {"uuid": "84fed991-a657-4783-afeb-bd8cbe0836e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/592b525e-7883-444e-b2e9-359de1814d5f", "content": "", "creation_timestamp": "2026-02-02T12:26:45.671500Z"}, {"uuid": "e251d583-1ae8-4417-8ed6-042c06832c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11719", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 PoC of CVE-2023-4911 \"Looney Tunables\".\n\nhttps://github.com/leesh3288/CVE-2023-4911\n\nhttps://github.com/RickdeJager/CVE-2023-4911", "creation_timestamp": "2023-10-13T08:52:19.000000Z"}, {"uuid": "9b264db3-b017-4176-8d4b-d08d2617ca8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/5722", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables CVE-2023-4911\nURL\uff1ahttps://github.com/teraGL/looneyCVE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-08T09:42:13.000000Z"}, {"uuid": "5fdfbb28-8e5f-4dce-b76b-6eaf422bd593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5278", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4911 proof of concept\nURL\uff1ahttps://github.com/RickdeJager/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-04T16:23:12.000000Z"}, {"uuid": "67751f50-03e8-4261-8ba0-7252b1e4bab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5274", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for CVE-2023-4911\nURL\uff1ahttps://github.com/leesh3288/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-04T14:21:46.000000Z"}, {"uuid": "26c8ba51-48c9-43a9-858c-01bcb746ca34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5349", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 
\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4911\nURL\uff1ahttps://github.com/silent6trinity/looney-tuneables\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-10T13:38:49.000000Z"}, {"uuid": "456f87d4-d5c3-4bc6-a8cb-a786ddbe5054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5461", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.\nURL\uff1ahttps://github.com/chaudharyarjun/LooneyPwner\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-17T08:37:59.000000Z"}, {"uuid": "1a6d8e23-340d-4d00-8fcd-557815efe653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/42", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911", "creation_timestamp": "2023-10-13T04:19:27.000000Z"}, {"uuid": "69daad68-961a-4dee-94dc-12165fee9305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5556", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables Local privilege escalation (CVE-2023-4911) 
workshop\nURL\uff1ahttps://github.com/KernelKrise/CVE-2023-4911-Looney-Tunables-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-25T12:01:14.000000Z"}, {"uuid": "5857281f-b4e5-4b56-bcb5-6db6cdfa212f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5597", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit \nURL\uff1ahttps://github.com/Diego-AltF4/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-29T12:08:24.000000Z"}, {"uuid": "d53eaf75-aa99-4761-a73a-91f9538e1b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5408", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for CVE-2023-4911 LooneyTuneables\nURL\uff1ahttps://github.com/guffre/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-14T02:33:41.000000Z"}, {"uuid": "52c28456-85e3-4e5c-8fb9-435c0661f396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/2095", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev #linux #lpe #Alexs3y", "creation_timestamp": 
"2023-10-04T16:50:02.000000Z"}, {"uuid": "3e5f810f-299c-44ce-8137-183d86bbb453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6132", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC of CVE-2023-4911\nURL\uff1ahttps://github.com/snurkeburk/Looney-Tunables\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-10T18:18:37.000000Z"}, {"uuid": "5486b2c5-35d8-40b2-8785-b4d3d480bb0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/3399", "content": "\u200b\u26a1\ufe0f\u041b\u0438\u043d\u0443\u043a\u0441\u043e\u0438\u0434\u044b \u043d\u0430\u043f\u0440\u044f\u0433\u043b\u0438\u0441\u044c: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f Looney Tunables \u0443\u0436\u0435 \u0433\u0443\u043b\u044f\u0435\u0442 \u043f\u043e \u0441\u0435\u0442\u0438.\n\n\ud83d\udcac \u041d\u0435 \u0443\u0441\u043f\u0435\u043b\u0438 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0430\u043c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u00abLooney Tunables\u00bb, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-4911 , \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0443\u0441\u043f\u0435\u0448\u043d\u043e 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435. \u041f\u0440\u0438\u0447\u0451\u043c \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0438\u0437\u043a\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435 \u2014 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u0441\u044f \u0434\u0430\u0436\u0435 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0438\u0439 \u0445\u0430\u043a\u0435\u0440.\n\nLooney Tunables \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 Linux-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430. 
\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38.\n\n\u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u044b \u00abGLIBC_TUNABLES\u00bb, \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0443\u044e \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u00abld.so\u00bb, \u0447\u0442\u043e\u0431\u044b \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0440\u0430\u0431\u043e\u0442\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0443\u0436\u0435 
\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u043c \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0423\u0438\u043b\u043b\u043e\u043c \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u043e\u043c, \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041f\u0438\u0442\u0435\u0440\u043e\u043c \u0413\u0435\u0439\u0441\u0441\u043b\u0435\u0440\u043e\u043c \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c \u00abblasty\u00bb.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u044e\u0442 \u0441\u0432\u043e\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f CVE-2023-4911 \u043d\u0430 GitHub \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0430\u0445.\n\n\u00ab\u041d\u0430\u0448\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u043b\u043d\u044b\u0445 root-\u043f\u0440\u0430\u0432 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Fedora, 
Ubuntu \u0438 Debian, \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c \u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00bb, \u2014 \u0437\u0430\u044f\u0432\u0438\u043b 3 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0421\u0430\u0438\u0434 \u0410\u0431\u0431\u0430\u0441\u0438, \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u043f\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0443 \u043e\u0442\u0434\u0435\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 Qualys. \u0418\u043c\u0435\u043d\u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Qualys \u043f\u0435\u0440\u0432\u044b\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438 \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u0438\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Linux \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u0437-\u0437\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 Looney 
Tunables.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-06T12:50:01.000000Z"}, {"uuid": "7c572ad6-7474-4375-9ae8-e62c8f169e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/itsec_news/3613", "content": "\u200b\u26a1\ufe0f\u0425\u0430\u043a\u0435\u0440\u044b Kinsing \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Looney Tunables \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n \ud83d\udcac\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0440\u0438\u043f\u0442\u043e\u0434\u0436\u0435\u043a\u0438\u043d\u0433\u043e\u0432\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Kinsing, \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Linux, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u0430\u043a Looney Tunables ( CVE-2023-4911 ), \u0434\u043b\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b. 
\u041e\u0431 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 AquaSec.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0437\u043d\u0430\u043c\u0435\u043d\u0443\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0432\u044b\u0439 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Looney Tunables, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u041d\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0442\u0430\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHPUnit ( CVE-2017-9841 ), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. 
\u042d\u0442\u043e\u0442 \u043f\u043e\u0434\u0445\u043e\u0434 \u0432 Kinsing \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 2021 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 Python, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c bl4sty 5-\u0433\u043e \u043e\u043a\u0442\u044f\u0431\u0440\u044f. 
\u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b Kinsing \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 PHP-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0434\u0435\u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0446\u0438\u0438, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u0438\u0437 \u0441\u0435\u0431\u044f JavaScript, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0414\u0430\u043d\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u0430\u0442\u0430\u043a\u0438 \u2014 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 
\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439. \u041f\u043e\u0434\u043e\u0431\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u043e\u0442\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u043e\u0431\u044b\u0447\u043d\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b Kinsing, \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0432 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043e\u0432 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0433\u0443\u0442 
\u0441\u0442\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u0438 \u0438\u043d\u0442\u0435\u043d\u0441\u0438\u0432\u043d\u044b\u043c\u0438, \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-06T09:55:49.000000Z"}, {"uuid": "ffcc7828-3610-49ac-b285-e8d6cee56122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/BleepingComputer/18829", "content": "\u200aHackers exploit Looney Tunables Linux bug, steal cloud creds\n\nThe operators of the Kinsing malware are targeting cloud environments with systems vulnerable to \"Looney Tunables,\" a Linux security issue\u00a0identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/", "creation_timestamp": "2023-11-06T21:41:52.000000Z"}, {"uuid": "be6f05b3-36d9-4e9f-b894-1d3bb2872cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3187", "content": "Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability (https://www.kitploit.com/search/label/Vulnerability) in various Linux distributions.  LooneyPwner is a proof-of-concept (PoC) exploit tool targeting the critical buffer overflow (https://www.kitploit.com/search/label/Buffer%20Overflow) vulnerability, nicknamed \"Looney Tunables,\" found in the GNU C Library (glibc). 
This flaw, officially tracked as CVE-2023-4911, is present in various Linux distributions, posing significant risks, including unauthorized data access and system alterations.\n    The vulnerability in the GNU C Library (glibc) was disclosed last week, with notable security researchers and analysts releasing PoC exploits, indicating the potential for widespread attacks. The flaw, discovered by Qualys researchers, can grant attackers root privileges on various Linux distributions including Fedora, Ubuntu, and Debian.  Unauthorized root access provides attackers unrestricted authority, enabling them to:    Modify, delete, or steal sensitive data.  Install malicious software or backdoors.  Facilitate ongoing attacks that may remain undetected (https://www.kitploit.com/search/label/Undetected) for extended periods.  Cause data breaches, accessing customer data, intellectual property, and financial records.  Disrupt critical system operations, potentially causing service outages and harming an organization's reputation.      LooneyPwner exploits (https://www.kitploit.com/search/label/Exploits) the \"Looney Tunables\" flaw, targeting affected glibc versions. The tool:    Detects the installed glibc version.  Checks for vulnerability status.  Offers an option for exploitation (https://www.kitploit.com/search/label/Exploitation) if vulnerable.      chmod +x looneypwner.sh\n./looneypwner.sh  \n    This tool is intended for educational purposes and security research only. The user assumes all responsibility for any damages or misuse resulting from its use.    This exploit code is based on the work of leesh3288 (https://github.com/leesh3288/CVE-2023-4911). A big thanks to him for the foundational work on the exploit.  
\n\nDownload LooneyPwner (https://github.com/chaudharyarjun/LooneyPwner)", "creation_timestamp": "2023-10-27T13:49:22.000000Z"}, {"uuid": "518e2cda-3633-4794-8d09-fd6aa01fdac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3258", "content": "Local Privilege Escalation glibc's ld.so (CVE-2023-4911)\n\n\u27a1\ufe0f \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \n\n\ud83d\udd25POC: https://github.com/leesh3288/CVE-2023-4911\n\n#linux #lpe\n\n\ud83d\udcac \u041a\u0430\u043d\u0430\u043b | \ud83d\udcf6 Github", "creation_timestamp": "2023-10-06T12:16:02.000000Z"}, {"uuid": "eec544c5-9839-475f-a3a1-b7a0a2161d0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3185", "content": "LooneyPwner - Exploit Tool For CVE-2023-4911, Targeting The 'Looney Tunables' Glibc Vulnerability In Various Linux Distributions\nhttp://www.kitploit.com/2023/10/looneypwner-exploit-tool-for-cve-2023.html", "creation_timestamp": "2023-10-27T21:10:22.000000Z"}, {"uuid": "12657643-e27f-4076-aa40-0bb2a89fb861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/161", "content": "\u26a1\ufe0fLooney Tunables: PoC\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/leesh3288/CVE-2023-4911\n\n#cve #exploit #privesc", "creation_timestamp": "2023-10-04T18:19:09.000000Z"}, {"uuid": "750abd10-7eb7-4a7e-8654-fb9749ea9770", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8302", "content": "\u200aCVE-2023-4911 Looney Tunables Glibc Linux Privilege Escalation | Update Your Linux Now !\n\nhttps://www.youtube.com/watch?v=lv4e742FR_8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "13acfb2a-b9fa-4f65-b0aa-5039546ce376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8296", "content": "\u200aCVE-2023-4911 Glibc Linux Privilege Escalation | Update Your Linux Now !\n\nhttps://www.youtube.com/watch?v=lv4e742FR_8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "18497d0c-a4c0-43aa-8104-b8c2764ce922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8291", "content": "\u200aLooking into the Looney Tunable Linux Privesc CVE-2023-4911\n\nhttps://www.youtube.com/watch?v=1iV-CD9Apn8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "7d542efc-9e84-4e0d-9e29-fdc95845794a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/kasperskyb2b/918", "content": "\ud83d\udc40 \u041d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0430\u044f LPE \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux. 
\u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 ld.so, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a GNU C, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f GLIBC_TUNABLES,  \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root. \u041d\u0430\u0448\u0435\u0434\u0448\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Qualys \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d\u0438 \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0430\u0442 \u0434\u0435\u0442\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043e \u0431\u043e\u043b\u0435\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f  \u043f\u0430\u0442\u0447\u0430.  
\n\u0414\u0435\u0444\u0435\u043a\u0442 CVE-2023-4911 (CVSS 7.8) \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432 2021 \u0433\u043e\u0434\u0443 \u0438 \u0440\u0430\u0441\u043f\u043e\u043b\u0437\u0441\u044f \u043f\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0443 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Fedora, Ubuntu,  Debian \u0438 Red Hat (RHEL).\n\n\u041f\u0430\u0442\u0447 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u043d\u043e \u0432 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, Red Hat \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438. 
\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-10-04T13:28:31.000000Z"}, {"uuid": "44e3ff1f-774a-414b-8845-f5e4392c287e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CherepawwkaChannel/205", "content": "\u0412\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0437\u0430\u043c\u0435\u0442\u043a\u0430 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 glibc Looney Tunables (CVE-2023-4911) \n\u0420\u0435\u0431\u044f\u0442\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\u0412\u0435\u0440\u0441\u0438\u044f glibc, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c: 2.34\n\u0421\u0430\u043c\u0430\u044f \u0441\u0432\u0435\u0436\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 Debian \u0438 Ubuntu (2.35+) \u0443\u0436\u0435 \u0441 \u0444\u0438\u043a\u0441\u043e\u043c\n\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e:\nldd --version\nPoC:\nenv -i \"GLIBC_TUNABLES=glibc.malloc.mxfast=glibc.malloc.mxfast=A\" \"Z=`printf '%08192x' 1`\" /usr/bin/su --help\n\u0415\u0441\u043b\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c Segmentation fault, \u0442\u043e \u0432\u0441\u0451 \u043f\u043b\u043e\u0445\u043e.\n\u0415\u0441\u043b\u0438 \u0432\u0438\u0434\u0438\u043c \u043e\u0431\u044b\u0447\u043d\u043e\u0435 
\u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 su --help, \u0442\u043e \u0432\u0441\u0451 \u0432\u0440\u043e\u0434\u0435 \u0445\u043e\u0440\u043e\u0448\u043e.\n\n\u0412\u0435\u0440\u0441\u0438\u044f 2.28 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0441\u0443\u0434\u0438\u0442\u044c \u043f\u043e \u044d\u0442\u043e\u043c\u0443: https://access.redhat.com/security/cve/cve-2023-4911\n\nPoC \u043d\u0430 GitHub:\nhttps://github.com/leesh3288/CVE-2023-4911\nhttps://github.com/RickdeJager/CVE-2023-4911\nhttps://haxx.in/files/gnu-acme.py\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u0435\u0441\u0442\u043e\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435 \u0432 \u0446\u0435\u043b\u044f\u0445 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. 
\u041d\u0435\u0441\u0430\u043d\u00ad\u043a\u0446\u0438\u00ad\u043e\u043d\u0438\u00ad\u0440\u043e\u0432\u0430\u043d\u00ad\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0435 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u00ad\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0438\u0441\u00ad\u0442\u0435\u043c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0441\u00ad\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c\u00ad\u0441\u044f \u043f\u043e \u0437\u0430\u043a\u043e\u043d\u0443.\n\n\u041f\u043e\u043a\u0430 \u043d\u0430\u0445\u043e\u0436\u0443\u0441\u044c \u0432 \u0440\u0430\u0437\u0434\u0443\u043c\u044c\u044f\u0445 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u043e\u0440\u0440\u0435\u043b\u044f\u0446\u0438\u0438. 
\u0418\u0437 \u0438\u0434\u0435\u0439 \u043f\u043e\u043a\u0430 \u0442\u0430\u043a:\n\nevent Start_Same_Process:\n    key:\n        event_src.host, object.process.name, subject.account.session_id, subject.account.name, subject.account.id\n    filter {\n        filter::NotFromCorrelator()\n    and filter::OperatingSystem_UNIXLike()\n        and msgid == \"execve\"\n        and object == \"process\"\n        and action == \"start\"\n        and object.process.name == \"su\"  # \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u043f\u0440\u043e\u0441\u044b\n        and filter::CheckWL_Specific_Only(\"Possible_Looney_Tunables_exploitation\", join([event_src.host, subject.account.id, object.process.name], \"|\"))\n    }\n\nrule Possible_Looney_Tunables_exploitation: (Start_Same_Process[50,]) timer 10s\n\n\u0412 \u0438\u0434\u0435\u0430\u043b\u0435 \u0434\u043e\u0431\u0438\u0442\u044c \u0434\u0435\u0442\u0435\u043a\u0442 \u0434\u043e rule Possible_Successful_Looney_Tunables_exploitation: (Start_Same_Process[50,]) timer 10s -> Spawn_Interactive_Shell, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f, \u043a\u0430\u043a \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u0435 \u0441\u043f\u0430\u0432\u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0448\u0435\u043b\u043b\u0430.", "creation_timestamp": "2023-11-12T10:54:02.000000Z"}, {"uuid": "e00464cf-316e-42e8-b7d2-5f3a24c4a929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5557", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables Local privilege escalation 
(CVE-2023-4911) workshop\nURL\uff1ahttps://github.com/KernelKrise/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-25T12:07:29.000000Z"}, {"uuid": "f3ee3c94-ccab-4310-8837-f81d96d272fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/kasperskyb2b/924", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u0418\u0411-\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u2699\ufe0f \u041e\u0431\u0437\u043e\u0440 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Kaspersky ICS CERT. \u041e\u0442\u0447\u0451\u0442 \u043f\u043e\u0441\u0432\u044f\u0449\u0451\u043d \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0438 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0437\u043c\u0443 \u2014 \u0447\u0438\u0441\u043b\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430 \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0432 \u043f\u043e\u043b\u0442\u043e\u0440\u0430 \u0440\u0430\u0437\u0430. 
\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u044b\u0435 \u0441\u0435\u043a\u0442\u043e\u0440\u0430 \u2014 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u043e, \u0430\u0432\u0442\u043e\u043f\u0440\u043e\u043c \u0438 \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0430. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u0441\u043e\u0432\u0435\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\ud83d\udd20\ud83d\udd20\ud83d\udd20 \u0420\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430 ransomware \u043d\u0430\u0434\u043e \u0432\u0441\u0451 \u0431\u044b\u0441\u0442\u0440\u0435\u0435. \u0412\u0440\u0435\u043c\u044f, \u043f\u0440\u043e\u0432\u0435\u0434\u0451\u043d\u043d\u043e\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c\u0438 \u0432 \u0441\u0435\u0442\u0438, \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 12 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0441 4,5 \u0434\u043d\u0435\u0439 \u0434\u043e \u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u0447\u0430\u0441\u043e\u0432. \u0412 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0440\u0430\u0441\u043a\u0430\u0442\u043a\u0430 ransomware \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0441\u0443\u0442\u043e\u043a, \u0432 10% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u2014 \u0437\u0430 \u043f\u044f\u0442\u044c \u0447\u0430\u0441\u043e\u0432. 
\n\n\ud83d\udccc CISA \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438  \u043e\u0442\u0447\u0451\u0442 \u043e \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u0445, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0445 \u043a \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c.  \u0412 \u0442\u043e\u043f-3 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e \u0432\u043e\u0448\u043b\u0438 \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0430\u0434\u043c\u0438\u043d\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438.  
\u0411\u043e\u043b\u0435\u0435 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043e\u0442\u0447\u0451\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u043c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 TeamCity \u0438 WS_FTP server \u0443\u0436\u0435 \u0432\u0441\u0442\u0430\u043b\u0438 \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439. Teamcity \u2014 CVE-2023-42793, WS_FTP \u2014  CVE-2023-40044. \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0440\u044f\u0434 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0440\u0435\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043b\u0438 PoC \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  CVE-2023-4911 \u0432 ld.so (\u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a GNU C), \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0439 \u043e\u0442\u0441\u0447\u0451\u0442 \u0434\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0448\u0451\u043b.\n\n\ud83c\udfaf \u041e\u0442\u0447\u0451\u0442 \u043e \u043d\u043e\u0432\u044b\u0445 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044f\u0445 Mirai, \u0446\u0438\u0440\u043a\u0443\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0441 \u043b\u0435\u0442\u0430: catDDoS, hailBot,kiraiBot. 
\n\n\u0418 \u0441\u043d\u043e\u0432\u0430 \u0441 \u0432\u0430\u043c\u0438 \u043d\u0430\u0448\u0430 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0440\u0443\u0431\u0440\u0438\u043a\u0430 \u0432 open source \u043f\u0440\u0435\u043a\u0440\u0430\u0441\u043d\u0430\u044f \u043f\u043e\u0433\u043e\u0434\u0430 \ud83c\udf1e\n\n1\ufe0f\u20e3 \u0418\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u043c \u0437\u0430\u0442\u0440\u043e\u044f\u043d\u0435\u043d\u044b \u0431\u043e\u043b\u0435\u0435 100 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Python, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e 75 \u0442\u044b\u0441\u044f\u0447 \u0440\u0430\u0437. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\u0438 \u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u043e\u0432\u0435\u0440\u0448\u0438\u0442\u044c \u043a\u0440\u0430\u0436\u0438 \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043d\u0430 $100 000. 
\n\n2\ufe0f\u20e3 \u0412 npm \u043e\u043a\u043e\u043b\u043e \u043d\u0435\u0434\u0435\u043b\u0438 \u0436\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 node-hide-console-windows (\u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u0431\u0443\u043a\u0432\u043e\u0439  s \u0432 \u043a\u043e\u043d\u0446\u0435), \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u0430\u043c \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0439  \u0442\u0440\u043e\u044f\u043d DiscordRAT 2.0, \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u043c \u0436\u0435 \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u043c r77.\n\n3\ufe0f\u20e3 \u0422\u0430\u043c \u0436\u0435 \u0432 npm \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e \u0435\u0449\u0451 \u0431\u043e\u043b\u0435\u0435 30 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0432\u043e\u0440\u0443\u044e\u0449\u0438\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0441 \u043c\u0430\u0448\u0438\u043d\u044b.\n\n4\ufe0f\u20e3 \u0412\u043e\u043e\u0431\u0449\u0435 \u0436\u0435 \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u0433\u043e\u0434 Sonatype \u043d\u0430\u0441\u0447\u0438\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 245000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445, \u044d\u0442\u043e \u0432\u0434\u0432\u043e\u0435 
\u0431\u043e\u043b\u044c\u0448\u0435 \u0447\u0435\u043c \u0437\u0430 \u0434\u0432\u0430 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0445.\n\n\ud83d\udc30 \u0410\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0433\u043e MaaS BunnyLoader, \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0433\u043e \u0412\u041f\u041e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0435\u0433\u043e \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u0430. \u041d\u0430 \u0447\u0451\u0440\u043d\u043e\u043c \u0440\u044b\u043d\u043a\u0435 \u043e\u043d \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435, \u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0434\u0435\u0448\u0435\u0432\u0438\u0437\u043d\u0435, \u043c\u043d\u043e\u0433\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u043c\u0443 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044e.\n\n\u041a\u0430\u043a \u043c\u044b \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u0438 \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0432 \u043f\u044f\u0442\u043d\u0438\u0446\u0443, \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0441\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 
\u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b, \u0438 \u0432\u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u0438\u043b\u043b\u044e\u0441\u0442\u0440\u0430\u0446\u0438\u0438:  \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cytrox \u0438 \u0435\u0451 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Predator \u0431\u044b\u043b\u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043d\u044b \u0432 \u0434\u0435\u0442\u0430\u043b\u044f\u0445 \u2014 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 (\u043e\u0442 \u041f\u043e\u0440\u0442\u0443\u0433\u0430\u043b\u0438\u0438 \u0434\u043e \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u0438) \u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0435\u044f\u0442\u0435\u043b\u044f.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2023-10-09T08:37:20.000000Z"}, {"uuid": "212c0237-9fd6-4522-9f4c-7b7e6198a21b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/890", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-02T03:28:57.000000Z"}, {"uuid": "7e7c39c1-01d0-4372-8aca-352215735161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/141415", "content": "https://ift.tt/jBYQLXE\n\u201cLooney Tunables\u201d bug allows root access on Linux distros (CVE-2023-4911)", "creation_timestamp": "2023-10-05T16:12:34.000000Z"}, {"uuid": "ca6838ba-0b22-430e-9107-cea6290c282d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/Hf2Yd-qzy1GIe-P5j22BYiVqvoJdTpZ0raHmggM7-I_6rw", "content": "", "creation_timestamp": "2023-11-22T23:10:12.000000Z"}, {"uuid": "82a487f9-b84c-416b-96ca-5d50a73e3505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/arpsyndicate/2190", "content": "#ExploitObserverAlert\n\nCVE-2023-49119\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49119. Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. 
If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.", "creation_timestamp": "2023-12-28T04:33:21.000000Z"}, {"uuid": "b665b15f-59bf-4929-b2e8-174a10d7d4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/143379", "content": "https://ift.tt/IRkQTU8\nLooney Tunables? CVE-2023-4911? You might be using a vulnerable Linux distribution.", "creation_timestamp": "2023-10-16T16:29:43.000000Z"}, {"uuid": "93d066a2-920f-446d-a330-cb8eef0d13d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/140936", "content": "https://ift.tt/eT1DUqc\nCVE-2023-4911: Looney Tunables \u2013 Local Privilege Escalation in the glibc\u2019s ld.so", "creation_timestamp": "2023-10-03T19:26:43.000000Z"}, {"uuid": "b917aa37-2783-463e-9d1b-4bde279d6e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/1755", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 237 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-11T14:31:46.000000Z"}, {"uuid": "0fa9e8a3-2c2e-4269-a059-1bdddc0c9979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/363", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 178 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-22T22:39:10.000000Z"}, {"uuid": "a27688fb-c124-46ad-ae28-68ecdc3f96ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/71860", "content": "\ud83d\udd74 'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits \ud83d\udd74\n\nFollowing the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2023-10-09T22:21:04.000000Z"}, {"uuid": "be204373-2e1e-444e-9b67-13be1493483c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": 
"published-proof-of-concept", "source": "Telegram/DC49U-yyOf0wvALqOLP1PpSKVxWrQUjwJZr2ekYXZeihgw", "content": "", "creation_timestamp": "2023-10-04T09:54:27.000000Z"}, {"uuid": "03a06ceb-28ab-4a94-ae1d-13741860ce9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/s35AMqhqtadEqpjRxkI5cW3sPSrTin72JMblREttZD-iDXg", "content": "", "creation_timestamp": "2025-03-06T10:00:05.000000Z"}, {"uuid": "969430e3-6b80-4f51-ac43-b776d29baad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/650", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-28T14:04:36.000000Z"}, {"uuid": "04a99c08-a401-4170-8694-1ffa3ae00c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "Telegram/C76ai0_bgvZONqwqAe3DAeLx5rlYtLmUWaWBqGfpikou0T8", "content": "", "creation_timestamp": "2023-11-03T20:39:04.000000Z"}, {"uuid": "7418e1a3-f87f-4aef-a8d2-d68d4d4b96bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/KomunitiSiber/882", "content": "Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions\nhttps://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html\n\nA new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges.\nTracked as\u00a0CVE-2023-4911\u00a0(CVSS score: 7.8), the issue is a buffer overflow that resides in the dynamic loader's processing of the\u00a0GLIBC_TUNABLES", "creation_timestamp": "2023-10-04T10:49:21.000000Z"}, {"uuid": "984fd80c-eac2-4e4f-a49d-dfef12aaa30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/DjajqwOKtfZ_M5ClV_Ht6Zj14zVZ5RqpF76L3bZ8ar0sOu4", "content": "", "creation_timestamp": "2025-02-18T22:00:05.000000Z"}, {"uuid": 
"a22c0706-dbd5-4985-b5cb-9badba0c0f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/292", "content": "CVE-2023-4911\n: https://github.com/ruycr4ft/CVE-2023-4911 \nExploiter (Python3): https://haxx.in/files/gnu-acme.py", "creation_timestamp": "2023-10-13T16:09:01.000000Z"}, {"uuid": "ceb96e2e-3b8d-4cc5-b1d1-37e244ec5de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/Redscriptteam/4443", "content": "#CVE-2023-4911\n\nPoC for CVE-2023-4911\n\nhttps://github.com/leesh3288/CVE-2023-4911", "creation_timestamp": "2023-10-14T21:01:59.000000Z"}, {"uuid": "fe671dcc-184d-4d07-975d-43bbe2e9116a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/MrBDKR28/3392", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev #linux #lpe #Alexs3y", "creation_timestamp": "2023-10-09T11:25:44.000000Z"}, {"uuid": "c8e8c1af-e8ce-45ba-ab76-45ad9bb7430a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/true_secator/4925", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Linux, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Looney Tunables, 
\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 ld.so \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 GNU C.\n\nGNU C (glibc) \u2014 \u044d\u0442\u043e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 C \u0441\u0438\u0441\u0442\u0435\u043c\u044b GNU, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 \u044f\u0434\u0440\u0430 Linux \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a open, malloc, printf, \u0432\u044b\u0445\u043e\u0434 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b.\u00a0\n\n\u0414\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0432 
glibc \u0438\u043c\u0435\u0435\u0442 \u043f\u0435\u0440\u0432\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0443 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Linux, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 glibc.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f Qualys\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-4911) \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2021 \u0433\u043e\u0434\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c glibc 2.34 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u043c\u0438\u0442, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043a\u0430\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f SXID_ERASE \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u0445 \u0441 setuid.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b GLIBC_TUNABLES \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38 (Alpine Linux \u043d\u0435 
\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442\u0441\u044f), \u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e root-\u043f\u0440\u0430\u0432.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 Red Hat, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b GLIBC_TUNABLES \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f 
\u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e PoC \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043b\u0435\u0433\u043a\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0431\u044b\u0441\u0442\u0440\u043e.", "creation_timestamp": "2023-10-04T15:25:30.000000Z"}, {"uuid": "96ec2a6a-3a27-4b8b-b24d-c9b9674ce48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/9b6wG6Il7-Fs6fbMdT7ZuXLkWZY4c8ncON5lXsj9jLiXJkM", "content": "", "creation_timestamp": 
"2023-10-10T13:37:00.000000Z"}, {"uuid": "e02e2a4b-2c8d-46ae-90c5-6bf4f52e4c72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/cibsecurity/71521", "content": "\u203c CVE-2023-4911 \u203c\n\nA buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T22:25:32.000000Z"}, {"uuid": "ea0a232d-d60d-450b-ad9f-884dfa52f026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4936", "content": "DANGER! 
\u0412 \u0441\u0435\u0442\u0438 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 GNU C Library, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Looney Tunables, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-4911, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c 
\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f GLIBC_TUNABLES, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c ld.so.\n\n\u0421 \u0442\u0435\u0445 \u043f\u043e\u0440 \u043a\u0430\u043a \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Qualys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u043f\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 
\u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0432 \u0432\u0438\u0434\u0443 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0430\u044f  root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c Linux, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Fedora, Ubuntu \u0438 Debian. 
\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432\u043f\u0435\u0440\u0435\u0434\u0438 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435, \u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u043e 72 \u0447\u0430\u0441\u043e\u0432 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u043e\u0442\u043c\u0435\u043d\u044f\u043b.", "creation_timestamp": "2023-10-06T14:05:05.000000Z"}, {"uuid": "4d4cd425-9bce-43f6-8349-9eb47bc1d9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/1049", "content": "https://github.com/RickdeJager/CVE-2023-4911\n- @DailyToolz | share and support us.", "creation_timestamp": "2023-10-22T00:37:39.000000Z"}, {"uuid": "9a6cd117-228b-485a-a89f-cb9e3bc47065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49118", "type": "seen", "source": "https://t.me/ctinow/192625", "content": "https://ift.tt/RGjK2qW\nCVE-2023-49118 | OpenHarmony up to 3.2.4/4.0.0 out-of-bounds", "creation_timestamp": "2024-02-24T15:16:54.000000Z"}, {"uuid": "6790cd75-bad0-413e-8a4e-0ee6a07aba2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/ctinow/159286", "content": "https://ift.tt/4IDeGvp\nCVE-2023-49119", "creation_timestamp": "2023-12-26T09:26:55.000000Z"}, {"uuid": "6d4ad753-0db7-4c81-b1c0-ea721e44e948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49115", "type": "seen", "source": "https://t.me/ctinow/187298", "content": "https://ift.tt/PvifptK\nCVE-2023-49115 | MachineSense FeverWarn MQTT Message missing authentication 
(icsa-24-025-01)", "creation_timestamp": "2024-02-18T16:46:31.000000Z"}, {"uuid": "cf73d819-410b-4eb2-994d-f3e5ac34451d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/180825", "content": "https://ift.tt/C4ayTwf\nCVE-2023-4911 | Oracle Communications Cloud Native Core Security Edge Protection Proxy Signaling Local Privilege Escalation", "creation_timestamp": "2024-02-07T16:42:06.000000Z"}, {"uuid": "043ff3b0-084b-49a3-a1db-d11a5f814560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49117", "type": "seen", "source": "https://t.me/ctinow/170127", "content": "https://ift.tt/SLUfhnI\nCVE-2023-49117 | Alfasado PowerCMS up to 4.54/5.24/6.31 cross site scripting", "creation_timestamp": "2024-01-19T10:16:38.000000Z"}, {"uuid": "e76fa5e1-c02e-4bf1-8909-a2510c40017f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/ctinow/170126", "content": "https://ift.tt/6z4PRsE\nCVE-2023-49119 | WESEEK GROWI up to 5.x cross site scripting", "creation_timestamp": "2024-01-19T10:16:37.000000Z"}, {"uuid": "73a471b7-2c47-4e22-882b-f53137afc560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49115", "type": "seen", "source": "https://t.me/ctinow/177838", "content": "https://ift.tt/W9zwY5r\nCVE-2023-49115", "creation_timestamp": "2024-02-02T00:26:24.000000Z"}, {"uuid": "f0e48a04-7c9f-47cf-a694-ae65e241c827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49118", "type": "seen", "source": 
"https://t.me/ctinow/177969", "content": "https://ift.tt/k1HPgYG\nCVE-2023-49118", "creation_timestamp": "2024-02-02T08:31:29.000000Z"}, {"uuid": "f430a0fe-5ea1-47d2-b9a9-e04123f8c165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49117", "type": "seen", "source": "https://t.me/ctinow/159266", "content": "https://ift.tt/yWMlwbs\nCVE-2023-49117", "creation_timestamp": "2023-12-26T07:26:48.000000Z"}, {"uuid": "bd6d9df7-4c73-418d-bfde-aa5a4c198840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/information_security_channel/50771", "content": "Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions\nhttps://www.securityweek.com/severe-glibc-privilege-escalation-vulnerability-impacts-major-linux-distributions/\n\nA local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges.\nThe post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions (https://www.securityweek.com/severe-glibc-privilege-escalation-vulnerability-impacts-major-linux-distributions/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-04T17:11:53.000000Z"}, {"uuid": "94ecb338-cfdc-41cf-b45e-3c4ff82c6deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/GDSpace/962", "content": "\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440 \u043f\u043e \u0418\u0411, \u0432\u044b\u043f\u0443\u0441\u043a \u21166 (08.10.2023). 
\u0417\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u044d\u043f\u0438\u0437\u043e\u0434. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043c\u044b \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u041c\u044b \u044d\u0442\u043e:\n\n\ud83d\udd38 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041b\u0435\u043e\u043d\u043e\u0432, \"\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u0440\u043e\u0447\u0435\u0435\"\n\ud83d\udd38 \u041b\u0435\u0432 \u041f\u0430\u043b\u0435\u0439, \"\u0412\u0435\u0441\u0442\u0438 \u0438\u0437 \u041f\u0430\u043b\u0435\u0439\"\n\ud83d\udd38 \u041c\u0430\u043a\u0441\u0438\u043c \u0425\u0430\u0440\u0430\u0441\u043a, \"Global Digital Space\"\n\n00:00 \u0417\u0434\u043e\u0440\u043e\u0432\u0430\u0435\u043c\u0441\u044f, \u0441\u043c\u043e\u0442\u0440\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430\n02:18 \u0421\u0430\u0448\u0430 \u0432\u044b\u0448\u0435\u043b \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0432 Positive Technologies \u0438 \u0447\u0435\u043c \u0436\u0435 \u043e\u043d \u0442\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043d\u0438\u043c\u0430\u0442\u044c\u0441\u044f\n04:50 RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exim (CVE-2023-42115)\n08:16 SSRF/RCE \u0432 TorchServe (CVE-2023-43654, CVE-2022-1471), ShellTorch\n12:05 
\u0412 Cisco Emergency Responder \u043d\u0430\u0448\u043b\u0438 root-\u043e\u0432\u044b\u0435 \u0443\u0447\u0451\u0442\u043a\u0438 \u0441 \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438 (CVE-2023-20101)\n16:44 \u041d\u043e\u0432\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenPubkey\n17:56 EoP \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Atlassian Confluence (CVE-2023-22515)\n23:42 \u0413\u0440\u044f\u0434\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c cURL \u0438 libcurl (CVE-2023-38545)\n27:07 \u041d\u043e\u0432\u0430\u044f bug bounty \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b\n30:32 \u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0440\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \"\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e\" \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0430\u0441\u044c DDOS-\u0430\u0442\u0430\u043a\u0435 \u0438\u0437-\u0437\u0430 \u0440\u0443\u0431\u0435\u0436\u0430\n35:22 \u042d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0430 Xiaomi \u0432\u044b\u0448\u043b\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u043f\u043e \u0432\u0441\u0435\u0439 \u0420\u043e\u0441\u0441\u0438\u0438\n36:38 Qualys-\u044b \u043d\u0430\u0440\u0435\u0441\u0435\u0440\u0447\u0438\u043b\u0438 EoP/LPE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e \u0432\u0441\u0435\u0445 Linux-\u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0430\u0445, \u0430 
\u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0432 glibc (CVE-2023-4911)\n39:19 XSpider-\u0443 25 \u043b\u0435\u0442. \u0420\u043e\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u043c\u0443 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c\u0443 Vulnerability Management-\u0443. \u041e\u0431\u0441\u0443\u0436\u0434\u0430\u0435\u043c \u0432 \u043a\u0430\u043a\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0435\u0442\u0441\u044f VM.\n46:42 \u041f\u0440\u043e\u0449\u0430\u043d\u0438\u0435 \u043e\u0442 Mr. X\n\n@avleonovrus #\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440\u041f\u043e\u0418\u0411 #PositiveTechnologies #Exim #TorchServe #Cisco #OpenPubkey #Atlassian #Confluence #cURL #libcurl #bugbounty #\u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b #\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e #Xiaomi #Qualys #Linux #glibc #XSpider #VulnerabilityManagement #MaxPatrolVM", "creation_timestamp": "2023-10-09T21:14:14.000000Z"}, {"uuid": "cf2e03b7-d3e3-4915-89b7-7a92db108ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/xakep_ru/14951", "content": "Linux-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Looney Tunables \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Kinsing \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u0430\u043b\u0432\u0430\u0440\u0438 Kinsing \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 
\u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 Looney Tunables. \u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-4911 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\nhttps://xakep.ru/2023/11/08/looney-tunables-kinsing/", "creation_timestamp": "2023-11-08T15:37:39.000000Z"}, {"uuid": "8f9693b8-66b6-43b4-a7c1-da26c5dff28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/thehackernews/3963", "content": "New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges. 
\n \nLearn how it affects major #Linux distributions: https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html", "creation_timestamp": "2023-10-04T16:43:46.000000Z"}, {"uuid": "a3ace05e-7628-4f91-89fc-3333207d3948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/xakep_ru/14791", "content": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 Looney Tunables \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u0432 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux\n\n\u041d\u043e\u0432\u0430\u044f Linux-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Looney Tunables (CVE-2023-4911), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 ld.so \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 GNU C. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Fedora, Ubuntu, Debian \u0438 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435.\n\nhttps://xakep.ru/2023/10/05/looney-tunables/", "creation_timestamp": "2023-10-05T10:34:33.000000Z"}, {"uuid": "15b85057-317b-4bd4-b1db-584c9f0ae2ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/SecLabNews/14381", "content": "\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Linux, \u0434\u0430\u044e\u0449\u0435\u0439 root \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445\n\n\u2757\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a \u201cLooney Tunables\u201d \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-4911, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 ld.so - \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 
\u0440\u0430\u0437\u0434\u0435\u043b\u044f\u0435\u043c\u044b\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c\u0438 \u0444\u0430\u0439\u043b\u0430\u043c\u0438.\n\n\u2757\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 12 \u043b\u0435\u0442 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b, \u043a\u0430\u043a Ubuntu, Debian, Fedora \u0438 Red Hat. \u0412 \u0441\u0435\u0442\u0438 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u2757\ufe0f \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GNU C Library \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. 
\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Linux \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0438\u0437\u0431\u0435\u0433\u0430\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n#Linux #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #LooneyTunables @SecLabNews", "creation_timestamp": "2023-10-06T14:01:56.000000Z"}, {"uuid": "45223719-2777-47ea-8ee7-51d42b22f832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1257", "content": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\ncve 2023-4911", "creation_timestamp": "2023-10-10T18:26:06.000000Z"}, {"uuid": "69e3719d-2c54-4e86-a608-ad72b15aae28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9136", "content": "#exploit\n1. MSIFortune - LPE with MSI Installers\nhttps://badoption.eu/blog/2023/10/03/MSIFortune.html\n\n2. CVE-2023-38743:\nManageEngine ADManager Command Injection\nhttps://github.com/PetrusViet/CVE-2023-38743\n\n3. IOS 17 Crash Exploit\nhttps://github.com/RapierXbox/ESP32-Sour-Apple\n\n4. 
CVE-2023-4911:\n\"Looney Tunables\"\nLPE in the glibc's ld*so\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n]-&gt; https://github.com/RickdeJager/CVE-2023-4911", "creation_timestamp": "2023-10-06T06:39:32.000000Z"}, {"uuid": "0214139b-8bc8-4ad8-9980-c54cf40e22a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1122ebc0-12145c4779ccb07a", "content": "What\u2019s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant\nIntroduction\nContainerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use ready-made Docker images, making only minimal changes. The largest repository of container images is the Docker Hub service.\nContainer-hosted infrastructure is an attractive target for attackers. At a minimum, a compromised container can be used for DDoS attacks, cryptocurrency mining, or traffic proxying. The list of threats does not end there: once an attacker gains control of a container, they can steal or destroy data directly from it, access neighboring containers, or even attempt to escape the container, compromising the entire enterprise network.\nAt the same time, the infrastructure inside containers is typically updated less frequently and may contain outdated and vulnerable software versions. When deploying third-party images or modifying them for a specific environment, it is easy to make configuration errors that attackers can later exploit. 
And due to the architectural characteristics of containers, developers often face constraints when preparing images; to overcome these, they may resort to insecure solutions they find online.\nIn other words, containerized infrastructure can be both the simplest and the most lucrative target to exploit. Therefore, its security requires heightened attention. To minimize the risk of successful attacks on container infrastructure, it is essential to check the final Docker images, including all underlying layers, for vulnerabilities and misconfigurations. The easiest way to do this is by analyzing the Dockerfile; however, it is not always available for inspection. Moreover, it typically defines how to build layers on top of a base image from an external repository whose reliability cannot be guaranteed.\nImage analysis results in Kaspersky Container Security\nTo help users identify insecure configurations and potential vulnerabilities within them, we have added our AI assistant to Kaspersky Container Security. KIRA (the assistant\u2019s name) uses artificial intelligence to analyze the image and identify potential issues within, along with recommendations on how to fix them.\nAs part of this study, we asked KIRA to analyze a number of popular community images, and later in this article, we\u2019ll show you the results.\nSoftware vulnerabilities and compromise of update sources\nOne of the key security issues with using pre-built images is that developers do not update them in a timely manner. A Docker image is, by its very nature, a snapshot of a specific Linux distribution after packages have been installed on it. However, in most cases, it does not receive security updates on its own, unlike traditional Linux servers, where these updates are automatically installed by specialized services, such as unattended-upgrades in Debian-based distributions and dnf-automatic in RedHat-based distributions.\nTo apply updates to a Docker image, it must be rebuilt and redeployed. 
Often, this process is not automated, and some updates require additional effort to verify their correct operation, modify configurations when upgrading to new software versions, and so on. As a result, many popular images do not receive timely updates, which significantly increases the risks associated with their use.\nAn image that was secure at build time accumulates vulnerabilities as they are discovered in the packages installed within it, which over time significantly increases the opportunities for a successful attack on the container.\nVulnerable versions of web applications and network services accessible from the internet immediately become targets of various malicious campaigns. For example, just one day after the discovery of the CVE-2025-55182 vulnerability in React Server Components, our honeypots recorded numerous attack attempts related to this vulnerability. It was adopted by operators of many malicious campaigns, ranging from classic cryptocurrency miners to variants of Mirai and Gafgyt. Attackers are constantly adding new distribution methods and can use dozens of exploits targeting various vulnerabilities and configuration errors in popular services. Often, the same vulnerabilities are used in self-propagation mechanisms from already compromised hosts. For example, in a malicious campaign to spread the Dero miner, attackers use infected containers to automatically search for and infect new targets.\nIn addition to vulnerabilities that can be exploited remotely, attackers are rapidly adding local vulnerabilities to their arsenal, used to gain root privileges and escape the container: in the Kinsing malware campaign, attackers used CVE-2023-4911 (Looney Tunables) to elevate privileges, and in the perfctl campaign, the CVE-2021-4034 (PwnKit) vulnerability was used for the same purpose. 
The access gained was used to install a rootkit that hides the presence of perfctl on the system.\nTo assess the situation with unpatched vulnerabilities in containers, we took a random sample of 100 images, which included various popular solutions with 10,000 to 1 million downloads on DockerHub. In 64 of the images we scanned, we found outdated software versions with critical vulnerabilities. For example, some images contained the CVE-2025-49844 vulnerability in the Redis server, leading to RCE by leveraging a vulnerability in the Lua parser; the current CVE-2026-24061 vulnerability in nginx, which in some configurations leads to a server process crash, and with ASLR disabled, again, to RCE; vulnerabilities CVE-2025-32463 in sudo and CVE-2023-4911 in glibc, allowing an attacker to gain root privileges with local access. At the same time, only one in ten Docker images from the analyzed sample is fully up to date.\nTOP 10 Critical Vulnerabilities with PoC/Exploits available as shown in the Kaspersky Container Security Dashboard\nIt is worth noting that, of course, not every discovered vulnerability can be directly exploited by attackers. A practical risk arises when the vulnerable application or library is actually in use, and the conditions necessary for exploitation \u2013 which vary significantly from vulnerability to vulnerability \u2013 are met. Nevertheless, updates must not be ignored, as the risk of vulnerabilities being exploited \u2013 both individually and in various combinations \u2013 cannot be predicted in each specific case, and even vulnerabilities that seem harmless at first glance can ultimately pose a serious risk of compromise.\nA record number of vulnerabilities in a single image\nHowever, frequent updates have a downside. 
Every rebuild that downloads new packages from source repositories introduces an additional risk of a supply chain attack \u2013 a compromised dependency or a modified base image could silently inject malicious code into your environment precisely through an update. During our analysis of images from the sample, we did not find any signs of supply chain attacks. However, in March 2026, a supply chain incident occurred in the Trivy and LiteLLM projects. In the case of Trivy, the infected file was injected directly into the container image in the official repositories.\nDetecting potentially malicious software using one of the images as an example\nThis leads to a difficult choice: infrequent updates leave known vulnerabilities unpatched within the image, while frequent updates increase the risk of supply chain compromise. Therefore, to protect your infrastructure, you need not only to regularly update base images but also to take a more comprehensive approach, specifically by pinning dependencies to known-good versions and scanning the resulting images for malware upon update.\nConfiguration vulnerabilities\nEven a container with a fully updated image can be compromised if it is configured incorrectly. Embedding keys and secrets in the image, disabling authentication in network services, default passwords, and insecure file access permissions \u2013 all of these can be exploited by attackers in one way or another to achieve their goals.\nInsecure image configurations detected by KCS based on rules\nThe situation is exacerbated by the fact that errors may be introduced by the authors of the original image, which complicates their detection, as this requires analyzing every layer and the command that generated it. As with vulnerabilities, not every configuration error leads to compromise: it all depends on the container\u2019s role, its network accessibility, and many other factors. 
But the very use of insecure settings will sooner or later lead to errors appearing in images where their consequences will be significantly more dangerous.\nStandard rules are often insufficient for analyzing problematic configurations. To gain a deeper understanding of the context and assess potential risks, AI tools can be used. Later in this section, we will examine examples of typical insecure configurations we discovered while scanning public images from Docker Hub, along with the descriptions of issues and risk mitigation methods provided by the KIRA AI assistant.\nExample of container analysis using KIRA\nInsecure handling of credentials\nUse of default passwords\nIn some cases, containers may use default passwords set via environment variables or directly in Dockerfile. If these passwords are not overridden, attackers will be able to access the application by using the default password.\nRUN |1 DEBIAN_FRONTEND=noninteractive /bin/sh -c echo [removed]:[removed] | chpasswd\nAccording to KIRA\u2019s analysis, the user\u2019s password is stored in plain text in the image layer history. Anyone who gains access to the image \u2013 whether through a public registry, a compromised build environment, or other means \u2013 will be able to extract the password. If SSH or another form of interactive access is enabled in the container, this could lead to its complete compromise and allow attackers to move laterally within the infrastructure.\nPasswords may be present in environment variables. Consider the following Dockerfile snippet:\nENV SERVERNAME=localhost WWW_PATH_CONF=/etc/apache2/apache2.conf WWW_PATH_ROOT=/var/www HTTPS=on PKP_CLI_INSTALL=0 PKP_DB_HOST=db PKP_DB_NAME=pkp PKP_DB_USER=pkp PKP_DB_PASSWORD=changeMePlease PKP_WEB_CONF=/etc/apache2/conf-enabled/pkp.conf PKP_CONF=config.inc.php PKP_CMD=/usr/local/bin/pkp-start\nIn this example, the environment variable PKP_DB_PASSWORD is set to changeMePlease. 
If the user forgets to override it, the application will use the password that can be obtained from Dockerfile.\nLet\u2019s look at another image:\n/bin/sh -c #(nop)  ENV MOODLE_URL=&lt;a href=\"http://0.0.0.0/\"&gt;0.0.0.0&lt;/a&gt; MOODLE_ADMIN admin       MOODLE_ADMIN_PASSWORD [removed]      MOODLE_ADMIN_EMAIL admin@example.com MOODLE_DB_HOST     MOODLE_DB_PASSWORD       MOODLE_DB_USER     MOODLE_DB_NAME    MOODLE_DB_PORT 3306\nFor this image, Dockerfile specifies that the administrator password is hardcoded in the ENV directive and remains in the image metadata (layer history, docker inspect). Anyone who gains access to the image (registry, build cache) will be able to extract this secret and compromise the account.\nTo eliminate these risks, ensure that no passwords are specified in Dockerfile. If authentication is required, you can use orchestrator mechanisms (secrets) or generate a temporary password when starting the container via the entrypoint script, without saving it in the layers. We also recommend using mechanisms for securely passing secrets at runtime (Docker secrets, Kubernetes Secrets) or, as a last resort, passing them via --secret during the build with BuildKit, but under no circumstances should they be left in the final image.\nPassing passwords via command arguments\nIn some cases, passwords may be exposed when passed via command-line arguments, as these arguments are visible to all users on the system:\n/bin/sh -c #(nop)  HEALTHCHECK &amp;{[\"\"CMD-SHELL\"\" \"\"mysql --protocol TCP -u\\\"\"root\\\"\" -p\\\"\"$MYSQL_ROOT_PASSWORD\\\"\" -e \\\"\"SELECT 1;\\\"\"\"\"] \"\"15s\"\" \"\"30s\"\" \"\"0s\"\" '\\x05'}\nIn the example provided, the MySQL superuser password is passed into the healthcheck command in plaintext, making it visible when viewing the process list (ps aux), in audit logs, and in monitoring systems. 
If the attacker gains read access to the container\u2019s processes or logs, they can extract the password and gain full control of the database.\nTo fix this issue, the healthcheck should use a local connection via a Unix socket with default authentication (if the auth_socket plugin is configured for root), or create a dedicated user with minimal privileges (e.g., only USAGE), without a password or with a password passed via a secure file (--defaults-file with restricted permissions). You can also use the MYSQL_PWD environment variable for healthcheck authentication, but it remains visible in /proc.\nPrivilege escalation in the container\nOne of the most common vectors for initial compromise of Linux systems is RCE in web applications and network services. Typically, these services have minimal privileges, which complicates attackers\u2019 subsequent actions: dumping credentials, covering their tracks, attempting to escape the container, and much more.\nThe situation worsens significantly if the attacker gains root privileges, as this allows them to fully control all processes within the container, conceal their activity, and use methods to escape the container. For example, they can compromise the host if the container is privileged, a Docker socket is mounted inside it, or other insecure configurations and vulnerabilities exist that cannot be exploited with standard user privileges.\nSimilarly, this simplifies network attacks on neighboring containers, the orchestrator, and various internal services, making this configuration error a potential link in the chain for compromising the entire network.\nAttacks on sudo\nOne of the simplest privilege escalation methods is executing arbitrary commands as root using sudo without entering a password. 
Consider the following example:\n/bin/sh -c set -xe;     apt-get update &amp;&amp;       apt-get -y install sudo;       echo \"\"solr ALL=(ALL) NOPASSWD: ALL\"\" &gt;/etc/sudoers.d/solr;\nAnalyzing this configuration using KIRA immediately highlights the main issue: installing the sudo package and setting NOPASSWD: ALL for the solr user severely violates the principle of least privilege. The Solr platform does not require such broad privileges to run within a container; instead, they create an easy path for escalating to root.\necho 'postgres ALL=(ALL:ALL) NOPASSWD:ALL' &gt;&gt; /etc/sudoers\nIn another example of an insecure configuration, NOPASSWD:ALL privileges are granted to a PostgreSQL database user, which is a direct and severe weakening of the access control policy. If an attacker gains the ability to execute code on behalf of the postgres user \u2013 through a vulnerability in a network service, an SQL injection, or by compromising one of the processes \u2013 they will immediately and unconditionally be able to execute any commands on behalf of the root user. This is equivalent to the entire container running as root.\nAs a risk mitigation measure, we recommend completely removing this directive. The minimum necessary commands requiring privileges should be delegated on a case-by-case basis via sudoers with explicit specification of allowed executables and parameters, using NOPASSWD only as a last resort and for specific utilities.\nOur AI assistant KIRA can identify even more complex insecure configurations, such as allowing passwordless sudo for the entire sudo group \u2014 by modifying existing rules.\nperl -i -pe 's/\\bALL$/NOPASSWD:ALL/g' /etc/sudoers\nThe risk in this example is that the command replaces standard declarations requiring authentication with passwordless execution of all commands for any user within the sudo group \u2013 potentially including postgres, should it be assigned to that group. 
This expands the attack surface to all group members, turning each of them into a potential point for instant privilege escalation.\nTo mitigate the risks, we recommend not modifying the global sudoers policy, keeping the standard password requirement, or using a more secure escalation mechanism \u2013 such as gosu to run a specific process on behalf of another user without permanent privileges.\nInsecure file permissions\nAnother common vector for privilege escalation is insecurely configured file and directory permissions. Most often, for convenience, container image authors use 777 permissions, which allow anyone \u2013 including unprivileged users \u2013 to freely create and delete files, as well as modify their contents. This can lead to both privilege escalation and the ability for an unprivileged attacker to delete or modify logs, among other undesirable consequences.\nConsider the following command:\nchmod 0777 /usr/share/cargo /usr/share/cargo/bin\nThe risk is that directories containing binary files and scripts will become writable by any container user. This allows a low-privileged attacker to replace utilities included in cargo or add new malicious executables. When these tools are subsequently invoked, especially as the root user or via sudo, the attacker\u2019s code will execute with the inherited privileges of the calling process, leading directly to a local privilege escalation.\nTo mitigate the risks, you can set the minimum necessary permissions: chmod 0755 for directories and chmod 0755/0644 for the corresponding files. The owner should be root, and only the owner should be allowed to write. 
Do not use chmod 777 on any system paths.\nLack of integrity checks\nDownloading software without verifying its integrity can make the infrastructure vulnerable to software tampering.\nFor example, this risk may arise when downloading a distribution via HTTP:\nRUN /bin/sh -c wget -qO- \"\"&lt;a href=\"http://acestream.org/downloads/linux/acestream_3.1.49_debian_9.9_x86_64.tar.gz\"&gt;acestream.org/downloads/linux/\u2026 | tar --extract --gzip -C /opt/acestream\nUsing HTTP without verifying the archive\u2019s integrity creates conditions for a man-in-the-middle attack during the image build phase. An attacker controlling the communication channel or DNS can replace the archive with malicious content, which will compromise the container and the entire environment in which it runs.\nTo mitigate the risks, you can configure connections to web resources to use HTTPS only \u2014 if the resource supports this protocol. You can also download the archive without extracting it, compare its checksum (SHA256) with the checksum from a trusted source, and only then extract it. It is advisable to store the verified archive in an internal artifact repository to avoid direct downloads from the network.\nA MitM risk remains even over HTTPS if certificate verification is disabled:\nwget --no-check-certificate&lt;a href=\"https://github.com/phpvirtualbox/phpvirtualbox/archive/refs/heads/7.2-dev.zip\"&gt; github.com/phpvirtualbox/phpvi\u2026 -O phpvirtualbox.zip\nThe absence of TLS certificate verification allows an attacker controlling the network segment to replace the downloaded ZIP archive with malicious content. 
Since the archive contains PHP code that will be executed by the web server, compromise during the build phase will result in the deployment of a backdoor or data leakage.\nTo mitigate the risks, remove the --no-check-certificate flag; after downloading, calculate the SHA256 hash of the archive and verify it against a known reference value (the release page or a local repository of trusted hashes). Additionally, consider using a fixed release (tag) rather than the floating 7.2-dev branch.\nConclusion\nDocker containers have become a very popular means of deploying software, and attackers are by no means oblivious to this trend. They are rapidly adding software vulnerabilities and configuration errors to their arsenal and carrying out attacks on supply chains. They can compromise container infrastructure for a wide variety of purposes, from cryptocurrency mining to encrypting data for ransom or stealing information critical to the company.\nOur research found that 64 out of 100 container images for popular applications contain critically vulnerable software, and only 10% are fully up to date. We also identified numerous insecure configurations, including passwords stored in plaintext in Dockerfiles and excessive privileges granted to users and processes.\nTo detect and prevent these threats, it is essential to strictly adhere to security measures: audit image configurations, securely manage secrets used in images, apply security updates in a timely manner, scan their contents for malware with every update, and follow industry-standard best practices for enhancing security.\nThis approach requires specialized solutions built to accommodate the unique characteristics of container environments. Kaspersky Container Security ensures the security of containerized applications at every stage of their lifecycle, from development to operation. 
The product protects an organization\u2019s business processes, helps ensure compliance with industry standards and security regulations, and enables the implementation of secure software development practices. \nsecurelist.com/container-secur\u2026", "creation_timestamp": "2026-05-29T07:12:04.132316Z"}, {"uuid": "2c110ce5-3210-4d95-a9b4-d295ca62fb26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1295", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev #linux #lpe #Alexs3y", "creation_timestamp": "2024-08-16T08:32:34.000000Z"}]}