Linux Kernel v2.6 Local Root Exploit ( vmsplice ) Found

in Categories Linux, Security last updated February 11, 2008

Linux kernel version from 2.6.17 to 2.6.24.1 all are affected because of vmsplice bug. The exploit code can be used to test if a kernel is vulnerable and it can start a root shell.

=> Debian Bug report logs

=> Fix 1 and Fix 2

Update: See how to apply a patch to kernel source tree.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 4 comments/add one below):

4 comment

  1. Don’t let this one slide people – patch now.

    All distro’s now have updated kernel packages. Apply them. 🙂

    Have a question? Post it on our forum!