Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

by on February 11, 2008 · 4 comments· LAST UPDATED February 12, 2008

in

Linux kernel version from 2.6.17 to 2.6.24.1 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!
1 Jerod February 11, 2008 at 3:15 pm

What would be helpful would be an explanation of how to apply these fixes to a vulnerable kernel.

2 goll February 11, 2008 at 7:36 pm

I second that!

3 Erek Dyskant February 11, 2008 at 9:34 pm

Howdy All,
I have a redhat/Centos RPMs with the upstream kernel patch compiled at http://erek.blumenthals.com/blog/

4 Peter March 10, 2008 at 11:44 pm

Don’t let this one slide people – patch now.

All distro’s now have updated kernel packages. Apply them. :)

Comments on this FAQ are closed. If you'd like to continue the discussion on this topic, you can do so at our forum.

Tagged as: , , , , , , ,

Previous post:

Next post: