Looney Tunables

Vulnerability Profile Updated 2 months ago
Looney Tunables is a significant vulnerability in Linux software design and implementation, which has been exploited by various threat actors. This flaw allows for local privilege escalation, providing unauthorized users with elevated access rights within a Linux environment. Multiple experts have released exploits for this vulnerability, further emphasizing its critical nature and potential for widespread exploitation.

The Cybersecurity and Infrastructure Security Agency (CISA) has recognized the severity of the Looney Tunables bug and added it to its Known Exploited Vulnerabilities catalog. This inclusion signals to the broader cybersecurity community that this vulnerability is not only known but actively being exploited in the wild. The listing serves as a call to action for organizations using Linux systems to address this vulnerability promptly, reducing their exposure to potential attacks.

Recent attacks have highlighted the active exploitation of the Looney Tunables vulnerability. Specifically, Kinsing threat actors have been identified probing and exploiting the Looney Tunables flaw. Their activities underscore the immediate risk posed by this vulnerability and the urgent need for affected systems to be patched or otherwise secured against this form of attack.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
CVE-2023-4911 | 5 | CVE-2023-4911, also known as the "Looney Tunables" vulnerability, is a significant software flaw found in the GNU C Library (glibc), specifically within its dynamic loader ld.so. This buffer overflow issue occurs when processing the GLIBC_TUNABLES environment variable, enabling threat actors to exec
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
Exploits
Linux
Ubuntu
Debian
Known Exploi...
Vulnerability
Poc
Malware
Red Hat
Kubernetes
CISA
Apache Activ...
Cybercrime
Glibc
Qualys
Android
Associated Malware
ID | Type | Votes | Profile Description
Kinsing | has used | 6 | Kinsing is a type of malware, malicious software designed to infiltrate and damage computer systems without the user's knowledge. It can enter systems through suspicious downloads, emails, or websites, with potential impacts ranging from stealing personal information to disrupting operations or even
Bunnyloader | Unspecified | 1 | BunnyLoader is a new form of malware that has been recently identified in the cyber threat landscape. This malicious software, which is designed to exploit and damage computer systems, has been advertised as a Malware-as-a-Service (MaaS) on various cybercrime forums. It can infiltrate systems throug
Money Libra | Unspecified | 1 | Money Libra, also known as Kinsing, is a malicious software (malware) that has been active since late 2021. This malware primarily targets cloud-native environments and applications such as Kubernetes clusters, Docker API, Redis, Jenkins and Openfire servers, and cloud-hosted Apache NiFi instances,
Associated Threat Actors
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2023-46604 | Unspecified | 1 | CVE-2023-46604 is a critical vulnerability identified in Apache ActiveMQ, specifically affecting versions prior to 5.15.16, 5.16.7, 5.17.6, and 5.18.3. This flaw, which lies within the Java OpenWire protocol marshaller, allows for Remote Code Execution (RCE) and has been assigned a maximum severity
CVE-2021-3156 | Unspecified | 1 | None
CVE-2021-33909 | Unspecified | 1 | None
CVE-2021-4034 | Unspecified | 1 | None
CVE-2021-3560 | Unspecified | 1 | None
Source Document References
Information about the Looney Tunables Vulnerability was read from the documents corpus below. This display is limited to 20 results.
Source | Created At | Title
Securityaffairs | 7 days ago | Security Affairs Malware Newsletter - Round 1
Securityaffairs | 14 days ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 21 days ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | a month ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 2 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 2 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 3 months ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 3 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 3 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini
Securityaffairs | 3 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini
Securityaffairs | 4 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini
Securityaffairs | 4 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini
Securityaffairs | 4 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini
Securityaffairs | 4 months ago | Security Affairs newsletter Round 461 by Pierluigi Paganini
Securityaffairs | 5 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini
Securityaffairs | 5 months ago | Security Affairs newsletter Round 459 by Pierluigi Paganini
Securityaffairs | 5 months ago | Security Affairs newsletter Round 457 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 456 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 454 by Pierluigi Paganini
Securityaffairs | 6 months ago | Security Affairs newsletter Round 454 by Pierluigi Paganini