1. Home
  2. Vulnerabilities
  3. CVE-2012-0056

CVE-2012-0056

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.12 % (47th)
0.12% Progress
Affected Products 1
Advisories 30
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.

Weaknesses
CWE-264
Permissions, Privileges, and Access Controls
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2012-01-27 15:55:04
(12 years ago)
Updated Date
2023-07-27 15:21:00
(13 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 2.6.39 version and prior 3.0.18 version cpe:2.3:o:linux:linux_kernel >= 2.6.39 < 3.0.18
  Linux Kernel from 3.1 version and prior 3.2.2 version cpe:2.3:o:linux:linux_kernel >= 3.1 < 3.2.2