Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

Linux kernel version from 2.6.17 to 2.6.24.1 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

Want to read Linux tips and tricks, but don't have time to check our blog everyday? Subscribe to our daily email newsletter to make sure you don't miss a single tip/tricks. Subscribe to our weekly newsletter here!

{ 4 comments… read them below or add one }

1 Jerod 02.11.08 at 3:15 pm

What would be helpful would be an explanation of how to apply these fixes to a vulnerable kernel.

2 goll 02.11.08 at 7:36 pm

I second that!

3 Erek Dyskant 02.11.08 at 9:34 pm

Howdy All,
I have a redhat/Centos RPMs with the upstream kernel patch compiled at http://erek.blumenthals.com/blog/

4 Peter 03.10.08 at 11:44 pm

Don’t let this one slide people – patch now.

All distro’s now have updated kernel packages. Apply them. :)

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Tagged as: , , , , , , ,

Previous post: Linus Torvalds on Linux Desktop Operating System

Next post: Red Hat and Ubuntu Linux Top Enterprise Open-source Software