CVE-2012-0056 Mempodipper Linux Local Root Exploit Demo
Vulnerability discovered by zx2c4 (Jason A. Donenfeld)
Public release of the vulnerability on 2012-01-18
Exploit provided on 2012-01-23
PoC provided by:
zx2c4 (Jason A. Donenfeld)
Affected version(s):
Linux kernel versions 2.6.39 and above (32-bit or 64-bit).
Tested on Ubuntu 11.10 with:
Linux ubuntu 3.0.0-15-generic
Mempodipper is an exploit for CVE-2012-0056, an issue in the handling of writes to /proc/pid/mem, where permissions are not properly checked in the Linux kernel from version 2.6.39 to current. A local, unprivileged user could use this flaw to escalate their privileges.
whoami
gcc -o CVE-2012-0056-Mempodipper CVE-2012-0056-Mempodipper.c
./CVE-2012-0056-Mempodipper
whoami