Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

in Categories Linux, Security last updated February 11, 2008

Linux kernel version from 2.6.17 to 2.6.24.1 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 4 comments/add one below):

4 comment

  1. Don’t let this one slide people – patch now.

    All distro’s now have updated kernel packages. Apply them. 🙂

    Have a question? Post it on our forum!