ID:4392 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2012-0056

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4392 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2012-0056

ID:4392 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2012-0056

Published: August 11, 2020


Vulnerability identifier: #VU44356
Vulnerability risk: High
CVE-ID: CVE-2012-0056
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.


Remediation

Install update from vendor's website.