CVE-2012-0056 — Vulnetix

Try Vulnetix Request Demo

CVE-2012-0056 REJECTED

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.

EPSS 76.66% · 98.9th percentile

Risk Scores

EPSS Score

76.66%

98.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	linux-mako	0
Ubuntu:16.04:LTS	linux-flo	3.4.0-5.19, 0
Ubuntu:14.04:LTS	linux-lts-xenial	0
Ubuntu:14.04:LTS	linux-lts-utopic	0
Ubuntu:16.04:LTS	linux-mako	0, 3.4.0-7.39
Ubuntu:14.04:LTS	linux-aws	0
Ubuntu:16.04:LTS	linux-snapdragon	0
Ubuntu:14.04:LTS	linux-manta	0
Ubuntu:14.04:LTS	linux-lts-wily	0
Ubuntu:14.04:LTS	linux-flo	0
Ubuntu:16.04:LTS	linux-aws	0
Ubuntu:14.04:LTS	linux-goldfish	0, 3.4.0-1.7
Ubuntu:14.04:LTS	linux	0
Ubuntu:14.04:LTS	linux-lts-vivid	0
Ubuntu:16.04:LTS	linux-goldfish	0, 3.4.0-4.24, 3.4.0-4.26
Ubuntu:16.04:LTS	linux-gke	0
Ubuntu:16.04:LTS	linux	0
Ubuntu:16.04:LTS	linux-raspi2	0
Ubuntu:16.04:LTS	linux-hwe	0

Timeline

Jan 23, 2012 PoC Published
Jun 29, 2012 PoC Published
Jan 16, 2018 PoC Published
May 28, 2021 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2012-0056 third-party-advisory
http://www.openwall.com/lists/oss-security/2012/01/18/1 third-party-advisory
https://ubuntu.com/security/notices/USN-1336-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1342-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1364-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2012-0056 third-party-advisory

Open in Interactive Console →