关键漏洞信息 CVE编号: CVE-2012-0056 CVE编号: CVE-2012-0056 漏洞描述: kernel: proc: /proc//mem mem_write insufficient permission checking 状态: CLOSED ERRATA 产品: Security Response 组件: vulnerability 优先级: high 严重性: high 操作系统: Linux 报告时间: 2012-01-18 02:34 UTC 修复: - Red Hat Product Errata RHSA-2012:0052 - Red Hat Product Errata RHSA-2012:0061 评论摘要 1. 影响范围: A local, unprivileged user could use this flaw to escalate their privileges. 2. 修复建议: 确保ASLR已启用, 确保SystemTap已安装并配置正确, 见/proc/sys/kernel/randomize_va_space. 3. 补丁信息: 提供了具体的上游补丁提交: http://git.kernel.org/linus/e268337dfe26dfc7efd422a804dbb27977a3cccc 4. 相关文章和链接: 此漏洞的更多详细信息和补丁可以在Red Hat的官方文档和开源社群文档中查看.