Jan 31, 2024NewsroomVulnerability / Endpoint Security Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc’s __vsyslog_internal() function, which is used by syslog() and vsyslog() for […]
The Synacktiv Team earned $100,000 for chaining three zero-day bugs to gain root permissions on a Tesla Modem and an additional $120,000 for hacking other EV charging stations.
The vulnerability, known as “Looney Tunables” and tracked as CVE-2023-4911, allows attackers to gain root privileges on major Linux distributions. It affects popular platforms like Fedora, Ubuntu, and Debian.