CVE-2012-0056
Published: 19 January 2012
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
From the Ubuntu security team
Jüri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges.
Notes
| Author | Note |
|---|---|
| mdeslaur | RH says introduced by 198214a7ee, needs checking. |
| apw | as the proposed fix actually changes behaviour significantly and the functionality is very new and thus less likely to be needed it has been decided to revert 198214a for oneiric (the only release affected) and monitor it in precise for release. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056
- http://www.openwall.com/lists/oss-security/2012/01/18/1
- https://ubuntu.com/security/notices/USN-1336-1
- https://ubuntu.com/security/notices/USN-1342-1
- https://ubuntu.com/security/notices/USN-1364-1