The "zx2c4" weblog has a detailed
of a local root vulnerability in /proc
2.6.39 and just fixed on January 17. "In 2.6.39, the
protections against unauthorized access to /proc/pid/mem were deemed
sufficient, and so the prior #ifdef that prevented write support for
writing to arbitrary process memory was removed. Anyone with the correct
permissions could write to process memory. It turns out, of course, that
the permissions checking was done poorly. This means that all Linux kernels
>=2.6.39 are vulnerable, up until the fix commit for it a couple days
ago. Let’s take the old kernel code step by step and learn what’s the
matter with it.
" As of this writing, distributors do not yet appear
to have begun shipping updates for this vulnerability.
to post comments)