Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

Linux kernel version from 2.6.17 to 2.6.24.1 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

Advertisement

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

4 comments… add one
  • Jerod Feb 11, 2008 @ 15:15

    What would be helpful would be an explanation of how to apply these fixes to a vulnerable kernel.

  • goll Feb 11, 2008 @ 19:36

    I second that!

  • Erek Dyskant Feb 11, 2008 @ 21:34

    Howdy All,
    I have a redhat/Centos RPMs with the upstream kernel patch compiled at http://erek.blumenthals.com/blog/

  • Peter Mar 10, 2008 @ 23:44

    Don’t let this one slide people – patch now.

    All distro’s now have updated kernel packages. Apply them. 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.