exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2012-0056

Status Candidate

Overview

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.

Related Files

Ubuntu Security Notice USN-1364-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207, CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207
SHA-256 | e847291e2956e9eeb864470a8ac967e656c915178d520472524b2f9834c84e45
Ubuntu Security Notice USN-1342-1
Posted Jan 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-0056
SHA-256 | e45dfdf1bd3525fa9a4dec53277bd6a8765bd88fef7c83ac37ee4a2fc90d56f4
Red Hat Security Advisory 2012-0061-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0061-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-0056
SHA-256 | e40b8b8aaddc8e2fe581d83de354223aa3949157644b6f2661a2d8f354618f40
Red Hat Security Advisory 2012-0052-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0052-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-0056
SHA-256 | 7b09a709dfaabd6a54c5cc5a4bb13a43f501209835b52b7ca3f7ef9ed74c7dc1
Ubuntu Security Notice USN-1336-1
Posted Jan 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1336-1 - Juri Aedla discovered that the kernel incorrectly handled /proc/pid/mem permissions. A local attacker could exploit this and gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-0056
SHA-256 | 7bf51f8ca9d4762f3747b86831890e28ad257c4eed6054a41f77305a26d8c57c
Linux Local Root Via SUID /prod/pid/mem Write
Posted Jan 23, 2012
Authored by zx2c4

This is the Mempodipper local root exploit for Linux. /proc/pid/mem is an interface for reading and writing, directly, process memory by seeking around with the same addresses as the process's virtual memory space. In 2.6.39, the protections against unauthorized access to /proc/pid/mem were deemed sufficient, and so the prior #ifdef that prevented write support for writing to arbitrary process memory was removed. Anyone with the correct permissions could write to process memory. It turns out, of course, that the permissions checking was done poorly. This means that all Linux kernels greater than and equal to 2.6.39 are vulnerable.

tags | exploit, arbitrary, kernel, local, root
systems | linux
advisories | CVE-2012-0056
SHA-256 | 3a525daa17c897f966b003f33e20bb846db1a8e769624736feaf876a139f8576
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close