Linux local privilege escalation via SUID

According to  CVE-2012-0056, linux kernel 2.6.39 and later versions is vulnerable to local privilege escalation by any local users due to the mem_write function does not properly check for permissions when writing to /proc/<pid>/mem, when ASLR is disabled.

Please take a look at this demonstration to see how it works.

Reference:

1.  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0056

2.  http://blog.zx2c4.com/749

 

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.