Linux Kernel Security Problem
Posted: 29 Jan 2012, 12:48
Hello,
A news which it is not good for the world of Linux Users...
CVE-2012-0056 Linux privilege escalation [Video Demonstration]
A news which it is not good for the world of Linux Users...
CVE-2012-0056 Linux privilege escalation [Video Demonstration]
I hope this should be fixed soon and before Porteus 2.0TheHackerNews wrote:The Linux kernel is prone to a local privilege-escalation vulnerability.Attackers can exploit this issue to gain escalated privileges and execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Linux kernel 2.6.39 and later versions are affected.
The mem_write function in Linux kernel 2.6.39 and other versions, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper