A severe vulnerability dubbed "Looney Tunables" was found in the most integral part of most Linux systems that provides basic system functions like file I/O, network, and memory access. Officially named CVE-2023-4911, this issue presents a buffer overflow problem related to the processing of the GLIBC_TUNABLES environment variable in glibc.

If your Linux system were a busy airport, the GNU C Library (glibc) would be the control tower that could give malicious actors free rein on your systems, so installing these updates today is crucial.

 

But that's not all, folks! Threat actors actively exploit this vulnerability in Linux cloud environments using a complex mechanism involving the Kinsing malware, a Python-based exploit, and an additional PHP exploit.

Read on to learn about other severe and impactful vulnerabilities recently discovered and fixed in your open-source programs and applications.

If you found today’s newsletter helpful and informative, please share it with a fellow security geek! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from enthusiastic and insightful community members who love Linux as much as we do!

Stay safe out there,

Brittany Signature 150 Esm W150

GNU C Library

The Discovery 

Have you updated to mitigate the notorious “Looney Tunables” privilege escalation vulnerability recently discovered in the GNU C Library? This dangerous bug exists in the glibc dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable (CVE-2023-4911). Kinsing threat actors have recently been observed attempting to exploit Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments.

GNUCLibrary Esm W275

The Impact

This flaw could potentially result in data breaches and system compromise since it allows a local user to gain full root privileges on impacted systems.

The Fix

A critical glibc security update has been released to mitigate this bug. Given this vulnerability's severe repercussions on impacted systems, if left unpatched, we urge all impacted users to update now to protect against potential downtime and compromise.

Your Related Advisories:

[distro_list_1]

Chromium

The Discovery 

Chromium Esm W225

Have you updated to fix the severe use-after-free vulnerability recently found in Chromium (CVE-2023-5472), which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page? This vulnerability, which has received a National Vulnerability Database base score of 8.8 out of 10 (“High” severity), is related to a bug in the webRTC (Real-time Communication) functionality and is among the most severe Chromium flaws we’ve seen in a while. 

The Impact

This flaw allows malicious actors to access portions of your computer's memory without authorization, which could result in sharing personal info without your knowledge.

The Fix

Chromium has released a critical update that mitigates this issue. Given this vulnerability's severe threat to impacted systems, if left unpatched, we urge all affected users who have not yet updated to the latest version of Chromium to update now! Doing so will protect against downtime, system compromise, and information leakage.

Your Related Advisories:

[distro_list_2]

Thunderbird 

The Discovery 

Thunderbird users: are you aware that the memory safety bugs recently found in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5730) are a potential gateway for malicious and unwanted actions on impacted systems? These flaws allow attackers to run harmful scripts without your knowledge or consent. Another severe, recently discovered Thunderbird vulnerability, CVE-2023-5721, involves improperly handling certain email content. More specifically, if a threat actor sends a specially crafted email to a Thunderbird user, and the user interacts with the email, the attacker could execute malicious code. 

Thunderbird Esm W226

The Impact

These vulnerabilities could result in data theft, unauthorized use of your system, or, in the worst-case scenario, a complete system takeover.

The Fix

A critical Thunderbird update has been released to mitigate these widespread and impactful issues. Given these vulnerabilities’ threat to affected systems, if left unpatched, we cannot stress this enough - we strongly recommend that all affected users update to the latest version of Thunderbird now to protect against unauthorized system access and data theft!

Your Related Advisories:

[distro_list_3]