Title: Linux Kernel All-zero SCM_CREDENTIALS Data Parsing Local Privilege Escalation
Info
Dates
Disclosure: Aug 21, 2012
Discovery: Unknown
Exploit: Unknown
Solution: Aug 21, 2012
Description
The Linux kernel contains a flaw that may allow an attacker to gain unauthorized privileges. The issue is triggered when all-zero SCM_CREDENTIALS data is passed to a receiver even though the sender did not provide any credentials. This may allow a local attacker to gain escalated privileges.
Classification
Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required
Solution
Currently, there are no known workarounds or upgrades to correct this issue. However, a patch has been committed to the CVS/GIT repository that addresses this vulnerability. Until it is incorporated into the next release of the software, manually patching an existing installation is the only known available solution. Check the vendor advisory or solution URL in the references section.