Linux Kernel 2.6.32-45 fcaps suid privilege escalation

VulDB: Linux Kernel 2.6.32-45 fcaps suid privilege escalation

General

Linux

scipID: 5383
Affected: Linux Kernel
Published: 05/10/2012 (Steve Grubb)
Risk: problematic
Entry: 89.5% complete
Created: 05/15/2012
Updated: 09/03/2012

Summary

A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function fcaps suid. The manipulation with an unknown input leads to a privilege escalation vulnerability. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was presented 05/10/2012 by Steve Grubb as DSA-2469-1 as knowledge base article (Website). The advisory is shared for download at debian.org. This vulnerability is known as CVE-2012-2123 since 04/04/2012. The attack needs to be approached locally. A single authentication is necessary for exploitation. Technical details of the vulnerability are known, but there is no available exploit.

The vulnerability was handled as a non-public zero-day exploit for at least 14 days. The vulnerability scanner Nessus provides a plugin with the ID 58881 (Fedora 15 2012-6406), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Fedora Local Security Checks and running in the context local.

Upgrading to version 2.6.32-45 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (81812) and Secunia (SA49098).