Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Linux vendors rush to patch privilege escalation flaw after root exploits emerge

A privilege escalation vulnerability in the Linux kernel allows attackers to gain root access

Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system.

The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the "/proc/<pid>/mem" file.

According to Carsten Eiram, the chief security specialist at vulnerability research firm Secunia, the flaw was introduced in the Linux kernel code in March 2011 and affects versions 2.6.39 and above. "Any Linux distributions providing these kernel versions should be vulnerable," Eiram said.

Linus Torvalds submitted a patch on the official Linux kernel repository on Jan. 17, but before Linux vendors had a chance to apply it for their distributions, proof-of-concept exploit code already appeared online.

One of the most complete exploits for CVE-2012-0056 is called mempodipper and was written by security researcher and programmer Jason A. Donenfeld. Mempodipper works around various factors that could limit the impact of this vulnerability in Linux distributions like Fedora or Gentoo.

Ubuntu and Red Hat have already released patches to address this vulnerability and other vendors are expected to follow in their footsteps soon. "We recommend that system administrators apply these patches," Eiram said.

Donenfeld published a detailed article about how the vulnerability can be exploited on his blog on Sunday, which served as inspiration for other exploit writers. One of them was Jay Freeman, better known online as saurik, the creator of the Cydia app store for jailbroken iPhones, iPads and other iOS devices.

Freeman used Donenfeld's instructions to create a local root exploit for Android 4.0 (Ice Cream Sandwich), which he dubbed mempodroid. Several members of the XDA Developers community already confirmed that the exploit works, but advised users who are not familiar with adb shell to wait for a simpler implementation.

Samsung Galaxy Nexus and ASUS Transformer Prime are the only devices that run Android 4.0 at this time, and the Galaxy Nexus has built-in rooting capabilities. However, mempodroid might open the door for rooting other devices that will eventually get updated to Ice Cream Sandwich.

"While Android itself is open, many of the devices that use it are not, and the Transformer Prime has a locked bootloader, making exploits such as this required to install custom software," Freeman said in the exploit's release notes.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ASUS, ASUS, ASUS, Fedora, Galaxy, Linux, Red Hat, Samsung, Secunia, Ubuntu
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Exploits / vulnerabilities, secunia, security
Latest Blog Posts
Whitepapers
  • EMC 15-Minute Guide to Smarter Backup Transform your future
    Backup and recovery has become fundamental part of business and an essential element of information management. Information is useless to customers, employees, or business partners can't access it when it is needed. Availability and integrity of information, of the lack of, can directly impact revenues and profits - as well as company reputations. Read more.
    Learn more »
  • A buyer’s guide to application lifecycle management (ALM) solutions
    This buyer's guide describes the key criteria for application lifecycle management (ALM) solutions for today's high-performance teams. It includes key considerations for enhancing your single- or multi-vendor ALM environment.
    Learn more »
  • IDC Case Study - EMC IT Increasing Efficiency, Reducing Costs, and Optimising IT with Data Deduplication
    This IDC Buyers Case Study: Explores the benefits EMC realised from the use of a range of EMC's own backup and recovery solutions that leverage deduplication technology; Identifies the unique backup challenges for different computing environments and how data deduplication can address these environments; Highlight EMC's legacy backup environment and the changes EMC made as part of a transformation process to increase efficiency, reduce cost and optimise IT - as part of its journey to the private cloud.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments