Weakness in memory management, Linux makes root access possible

0
428

A weakness in the memory management of Linux makes it possible to access the memory of another process to write. In this way, can root access be obtained. A patch to fix the problem is already submitted.

Jason Donenfeld posted in his blog a detailed description of the weakness, including sample code that allows root access on a Linux-system can be obtained. The weakness is to be found in the security of /proc/pid/mem, the interface to the process memory can be written to. The security that ensures that a process only to its own piece of memory can be write, it appears not to be adequate.

Donenfeld discovered a way to circumvent security whereupon he with the memory of a su-process belonged. Therein, the injected he is a piece of code that makes it root-access to a shell you could start. The code that Donenfeld has published includes comments not even 200 lines long and can handle both 32 – and 64-bit systems.

According to Donenfeld is the Linux kernel from 2.6.39 to be susceptible to the exploit. A few days ago is already a patch that exploit impossible must make submitted and approved. From a brief test, it appears that a fully patched version of Ubuntu 11.10 in any case, is susceptible to the exploit. Also some recent Android phones would in theory be vulnerable, as the mobile operating system on Linux based.