≡ Menu

Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

Linux kernel version from 2.6.17 to all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 4 comments… add one }

  • Jerod February 11, 2008, 3:15 pm

    What would be helpful would be an explanation of how to apply these fixes to a vulnerable kernel.

  • goll February 11, 2008, 7:36 pm

    I second that!

  • Erek Dyskant February 11, 2008, 9:34 pm

    Howdy All,
    I have a redhat/Centos RPMs with the upstream kernel patch compiled at http://erek.blumenthals.com/blog/

  • Peter March 10, 2008, 11:44 pm

    Don’t let this one slide people – patch now.

    All distro’s now have updated kernel packages. Apply them. :)

Leave a Comment