exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2012-0056

Status Candidate

Overview

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.

Related Files

Ubuntu Security Notice USN-1364-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207, CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207
SHA-256 | e847291e2956e9eeb864470a8ac967e656c915178d520472524b2f9834c84e45
Ubuntu Security Notice USN-1342-1
Posted Jan 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-0056
SHA-256 | e45dfdf1bd3525fa9a4dec53277bd6a8765bd88fef7c83ac37ee4a2fc90d56f4
Red Hat Security Advisory 2012-0061-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0061-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-0056
SHA-256 | e40b8b8aaddc8e2fe581d83de354223aa3949157644b6f2661a2d8f354618f40
Red Hat Security Advisory 2012-0052-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0052-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-0056
SHA-256 | 7b09a709dfaabd6a54c5cc5a4bb13a43f501209835b52b7ca3f7ef9ed74c7dc1
Ubuntu Security Notice USN-1336-1
Posted Jan 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1336-1 - Juri Aedla discovered that the kernel incorrectly handled /proc/pid/mem permissions. A local attacker could exploit this and gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-0056
SHA-256 | 7bf51f8ca9d4762f3747b86831890e28ad257c4eed6054a41f77305a26d8c57c
Linux Local Root Via SUID /prod/pid/mem Write
Posted Jan 23, 2012
Authored by zx2c4

This is the Mempodipper local root exploit for Linux. /proc/pid/mem is an interface for reading and writing, directly, process memory by seeking around with the same addresses as the process's virtual memory space. In 2.6.39, the protections against unauthorized access to /proc/pid/mem were deemed sufficient, and so the prior #ifdef that prevented write support for writing to arbitrary process memory was removed. Anyone with the correct permissions could write to process memory. It turns out, of course, that the permissions checking was done poorly. This means that all Linux kernels greater than and equal to 2.6.39 are vulnerable.

tags | exploit, arbitrary, kernel, local, root
systems | linux
advisories | CVE-2012-0056
SHA-256 | 3a525daa17c897f966b003f33e20bb846db1a8e769624736feaf876a139f8576
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close