Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 399865 - Linux Local Privilege Escalation via SUID /proc/pid/mem Write
Summary: Linux Local Privilege Escalation via SUID /proc/pid/mem Write
Status: RESOLVED DUPLICATE of bug 399243
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal critical (vote)
Assignee: Gentoo Security
URL: http://www.outflux.net/blog/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-01-23 17:50 UTC by Delete ME
Modified: 2012-01-23 17:59 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Delete ME 2012-01-23 17:50:47 UTC 
- affected kernels: >= 2.6.39
- fixed via http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e268337dfe26dfc7efd422a804dbb27977a3cccc on 1/17/2012
- further information:
-- http://www.outflux.net/blog/
-- https://access.redhat.com/kb/docs/DOC-69129
-- https://www.redhat.com/security/data/cve/CVE-2012-0056.html
-- https://bugzilla.redhat.com/show_bug.cgi?id=782642
-- http://blog.zx2c4.com/749

Reproducible: Always

Steps to Reproduce:
- see http://blog.zx2c4.com/749
Actual Results:  
an unpriviledged local user can become root rights

Expected Results:  
- an unpriviledged local user cannot become root rights
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2012-01-23 17:59:08 UTC 

*** This bug has been marked as a duplicate of bug 399243 ***