Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. Various other issues were also addressed.
e847291e2956e9eeb864470a8ac967e656c915178d520472524b2f9834c84e45
Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges.
e45dfdf1bd3525fa9a4dec53277bd6a8765bd88fef7c83ac37ee4a2fc90d56f4
Red Hat Security Advisory 2012-0061-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.
e40b8b8aaddc8e2fe581d83de354223aa3949157644b6f2661a2d8f354618f40
Red Hat Security Advisory 2012-0052-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.
7b09a709dfaabd6a54c5cc5a4bb13a43f501209835b52b7ca3f7ef9ed74c7dc1
Ubuntu Security Notice 1336-1 - Juri Aedla discovered that the kernel incorrectly handled /proc/pid/mem permissions. A local attacker could exploit this and gain root privileges.
7bf51f8ca9d4762f3747b86831890e28ad257c4eed6054a41f77305a26d8c57c
This is the Mempodipper local root exploit for Linux. /proc/pid/mem is an interface for reading and writing, directly, process memory by seeking around with the same addresses as the process's virtual memory space. In 2.6.39, the protections against unauthorized access to /proc/pid/mem were deemed sufficient, and so the prior #ifdef that prevented write support for writing to arbitrary process memory was removed. Anyone with the correct permissions could write to process memory. It turns out, of course, that the permissions checking was done poorly. This means that all Linux kernels greater than and equal to 2.6.39 are vulnerable.
3a525daa17c897f966b003f33e20bb846db1a8e769624736feaf876a139f8576