Linux Local root - CVE-2012-0056 [v2.3]
Have been in media recently:
http://blog.zx2c4.com/749
http://seclists.org/fulldisclosure/2012/Jan/345
Since we have PIE on our executables, the memodipper exploits will not
work. We are still vulnerable even if its harder to exploit (need brute
force etc)
http://archives.gentoo.org/gentoo-hardened/msg\_603fc9743309a13287d39b57c2b0b684.xml
Fix is to upgrade to kernel 3.0.18.
Alpine Linux prior to v2.3 is not affected (v2.2 has 2.6.38 kernel)
(from redmine: issue id 963, created on 2012-01-26, closed on 2012-02-01)
- Relations:
- relates #962 (closed)
- Changesets:
- Revision 228b0240 by Natanael Copa on 2012-01-26T15:00:48Z:
main/linux-grsec: upgrade to 3.0.18 kernel
ref #963
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information