Linux kernel version from 2.6.17 to 18.104.22.168 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.
Update: See how to apply a patch to kernel source tree.
You may delete a file called /etc/shadow. If you try to boot into a single user mode, system will ask for the maintenance root password. Now imagine this, you do not have a backup of /etc/shadow file. How do you fix such problem in a production environment where time is a critical factor? I will explain how to recover a deleted /etc/shadow file in five easy steps.
[click to continue…]