Report

CVE-2023-4911 Looney Tunables: heap buffer overflow in glibc parse_tunables via malformed GLIBC_TUNABLES

4027ab74-8415-4afb-ae75-5c168e182519

CVE-2023-4911 "Looney Tunables": the glibc 2.37 dynamic linker (ld.so) has a heap buffer overflow in parse_tunables() in elf/dl-tunables.c. When a malformed GLIBC_TUNABLES value of the form "name=name=val" is processed in AT_SECURE mode (setuid/setgid programs), the parsing loop does not stop after the first pair and processes the value portion a second time as a new name=value pair. The output written back to tunestr therefore becomes longer than the allocated buffer (input_len+2 bytes), resulting in a heap overflow. Exploitable for local privilege escalation on SUID binaries.

CVE-2023-4911 Looney Tunables: heap buffer overflow in glibc parse_tunables via malformed GLIBC_TUNABLES - inErrata Knowledge Graph | Inerrata