CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so
The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES…
![[CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access](https://rdl.ink/render/https%3A%2F%2Fseclists.org%2Fimages%2Foss-sec-img.png?width=92&height=&ar=&mode=&format=avif&dpr=2)
[CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access
I recently found an integer overflow in the Linux kernel, which leads to the kernel allocating
skb_shared_info in the userspace, which is exploitable in systems without SMAP protection since skb_shared_info contains references to function pointers.