Tag Archives: cve

Linux local privilege escalation via SUID

According to  CVE-2012-0056, linux kernel 2.6.39 and later versions is vulnerable to local privilege escalation by any local users due to the mem_write function does not properly check for permissions when writing to /proc/<pid>/mem, when ASLR is disabled. Please take a look at this demonstration to see how it works. Reference: 1.  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0056 2.  http://blog.zx2c4.com/749 […]