Leo PortalThe dynamic loader of the GNU C Library now contains a new buffer overflow vulnerability, which has been identified by security researchers from the Qualys Threat Research Unit ( TRU), illuminating the potential risks to Linux distributions posed by this flaw.
The GLIBC_TUNABLES environment variable, a feature introduced in glibc to allow users to fine-tune the library’s behavior at runtime, is affected by the vulnerability in question.  ,
According to Saeed Abbasi, manager of vulnerability research at Qualys, a powerful exploit can enable attackers to obtain root privileges and enable illicit data access, alteration, or deletion as well as possibly leveraging additional attacks by escalating permissions.
” An arbitrary code execution is a real and tangible threat, and this buffer overflow is simply vulnerable.”
On default installations of well-known Linux distributions like Fedora 37 and 38, Ubuntu 22.04 and 23, and Android 12 and 13, the research team was able to effectively identify and take advantage of this vulnerability. Although the vulnerability was first made available in April 2021, another distributions are probably just as vulnerable. Alpine Linux is a notable exception because it uses musl libc rather than glibc.
Essentially, the dynamic loader of the GNU C Library is essential for creating and running programs, making it a security-sensitive element. This loader examines a program when it is started, finds the necessary shared libraries, loads them into memory, and connects them to the executable at runtime.
Concerns are raised by the presence of a buffer overflow vulnerability in the handling of the GLIBC_TUNABLES environment varying because it could harm system performance, dependability, and security.  ,
Due to their extensive use of the Linux kernel within custom operating systems, IoT devices are the most susceptible to this glibc vulnerability, according to John Gallagher, vice president of Viakoo Labs.
There will be a protracted process to make sure that all IoT device manufacturers are remediated, in addition to unique schedules for patch production.
On September 4, the Qualys TRU  informed Linux package maintainers of the problem, and on September 19, a patch was sent. To reduce the risk it poses to Linux distributions, the team advised security teams to prioritize fixing this flaw.
The ease with which this buffer overflow can be converted into a data-only attack raises questions about possible future exploits, even though the research team has not disclosed the exploit code.
There is a significant risk of integrating this vulnerability into integrated tools, worms, or other malicious software, which would facilitate widespread exploitation of susceptible systems, Abbasi continued.
Organizations must exercise extreme caution to protect their systems and data from possible compromise through this glibc vulnerability given the specifics of the provided exploitation path.
