Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

by on February 11, 2008 · 4 comments· LAST UPDATED February 12, 2008


Linux kernel version from 2.6.17 to all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 4 comments… read them below or add one }

1 Jerod February 11, 2008 at 3:15 pm

What would be helpful would be an explanation of how to apply these fixes to a vulnerable kernel.


2 goll February 11, 2008 at 7:36 pm

I second that!


3 Erek Dyskant February 11, 2008 at 9:34 pm

Howdy All,
I have a redhat/Centos RPMs with the upstream kernel patch compiled at


4 Peter March 10, 2008 at 11:44 pm

Don’t let this one slide people – patch now.

All distro’s now have updated kernel packages. Apply them. :)


Leave a Comment

Tagged as: , , , , , , ,

Previous post:

Next post: