CVE-2012-0056 Linux Kernel /proc mem_write Insufficient Permission Checking

Critical Vulnerability Information CVE ID: CVE-2012-0056 CVE ID: CVE-2012-0056 Vulnerability Description: kernel: proc: /proc//mem mem_write insufficient permission checking Status: CLOSED ERRATA Product: Security Response Component: vulnerability Priority: high Severity: high Operating System: Linux Reported Time: 2012-01-18 02:34 UTC Fixes: - Red Hat Product Errata RHSA-2012:0052 - Red Hat Product Errata RHSA-2012:0061 Comment Summary 1. Impact Scope: A local, unprivileged user could exploit this flaw to escalate their privileges. 2. Mitigation Recommendation: Ensure ASLR is enabled, and SystemTap is installed and properly configured. See /proc/sys/kernel/randomize_va_space. 3. Patch Information: Specific upstream patch commit: http://git.kernel.org/linus/e268337dfe26dfc7efd422a804dbb27977a3cccc 4. Related Articles and Links: More detailed information and patches for this vulnerability can be found in Red Hat’s official documentation and open-source community resources.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-0056 Linux Kernel /proc mem_write Insufficient Permission Checking