Sponsored link
Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.
| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
| From: | "Niki Denev" <ndenev-AT-gmail.com> | |
| To: | linux-kernel-AT-vger.kernel.org | |
| Subject: | kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit | |
| Date: | Sun, 10 Feb 2008 08:04:35 +0200 | |
| Message-ID: | <2e77fc10802092204t7764ff12s65304f70500e2090@mail.gmail.com> | |
| Archive-link: | Article, Thread |
Hi, As the subject says the 2.6.24.1 is still vulnerable to the vmsplice local root exploit. [opa@test tmp]$ uname -a Linux tester 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown [opa@test tmp]$ ./vms ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7f56000 .. 0xb7f88000 [+] root [root@test tmp]# [root@test tmp]# id uid=0(root) gid=0(root) groups=2033(opa) [root@test tmp]# uname -a Linux test 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown Is there any known fix/patch for this?
(Log in to post comments)