This is a PoC of CVE-2023-4911 (a.k.a. "Looney Tunables") exploiting a bug in glibc dynamic loader's GLIBC_TUNABLES environment variable parsing function parse_tunables().

Code has been tested on Ubuntu 22.04.3 with glibc version 2.35-0ubuntu3.3. No attempts have been made to generalize the PoC (read: "Works On My Machine"), so your mileage may vary.

As always, big kudos to the Qualys Threat Research Unit for the discovery of the vulnerability and for the very detailed writeup.

Written by Xion of KAIST Hacking Lab