Noah Vail (Premium, join: 2004-12-10, Lorton, VA)
Exploit allows root via /proc/pid/mem for kernels >= 2.6.39
I can't comment beyond the obvious, so here's Mr.T.
said by Linus:
Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very robust, and it also doesn't match the permission checking of any of the other related files.
This changes it to do the permission checks at open time, and instead of tracking the process, it tracks the VM at the time of the open. That simplifies the code a lot, but does mean that if you hold the file descriptor open over an execve(), you'll continue to read from the _old_ VM. That is different from our previous behavior, but much simpler.
-- Adopting other people's animosity is The New Stupid.
|
 | CVE-2012-0056
»people.canonical.com/~ubuntu-sec···056.html |
|
reply to Noah Vail
Linux vendors rush to patch privilege escalation flaw after root exploits emerge:
Linus Torvalds submitted a patch on the official Linux kernel repository on Jan. 17, but before Linux vendors had a chance to apply it for their distributions, proof-of-concept exploit code already appeared online.
One of the most complete exploits for CVE-2012-0056 is called mempodipper and was written by security researcher and programmer Jason A. Donenfeld. Mempodipper works around various factors that could limit the impact of this vulnerability in Linux distributions like Fedora or Gentoo.
Ubuntu and Red Hat have already released patches to address this vulnerability and other vendors are expected to follow in their footsteps soon.
Donenfeld published a detailed article about how the vulnerability can be exploited on his blog on Sunday, which served as inspiration for other exploit writers. One of them was Jay Freeman, better known online as saurik, the creator of the Cydia app store for jailbroken iPhones, iPads and other iOS devices.
Freeman used Donenfeld's instructions to create a local root exploit for Android 4.0 (Ice Cream Sandwich), which he dubbed mempodroid. Several members of the XDA Developers community already confirmed that the exploit works, but advised users who are not familiar with adb shell to wait for a simpler implementation.
Samsung Galaxy Nexus and ASUS Transformer Prime are the only devices that run Android 4.0 at this time, and the Galaxy Nexus has built-in rooting capabilities. However, mempodroid might open the door for rooting other devices that will eventually get updated to Ice Cream Sandwich. |
|
 | "Rush" is the operative word. The patch from Kubuntu breaks Skype, Jack Audio and god only knows what else. Not much point in being the first one out with a patch if it renders your machine useless.  |
|
reub2000 (Premium, join: 2001-12-28, Evanston, IL)
said by lugnut: "Rush" is the operative word. The patch from Kubuntu breaks Skype, Jack Audio and god only knows what else. Not much point in being the first one out with a patch if it renders your machine useless.

I have a problem on my laptop with Fedora 16. kernel 3.2.1 breaks audio coming from the headphones, while 3.1.9 works perfectly fine. Is it related?
-- My pbase gallery
|
Noah Vail (Premium, join: 2004-12-10, Lorton, VA)
said by reub2000: I have a problem on my laptop with Fedora 16. kernel 3.2.1 breaks audio coming from the headphones, while 3.1.9 works perfectly fine. Is it related?

From what I read, the 3.0.x kernel and up isn't susceptible to this.
-- Adopting other people's animosity is The New Stupid.
|
|
|
reub2000 (Premium, join: 2001-12-28, Evanston, IL)
said by Noah Vail: said by reub2000: I have a problem on my laptop with Fedora 16. kernel 3.2.1 breaks audio coming from the headphones, while 3.1.9 works perfectly fine. Is it related?
From what I read, the 3.0.x kernel and up isn't susceptible to this.

Okay, the changelog shows the patch being committed for 3.2.2. So the issue is unrelated.
-- My pbase gallery
|