kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit

From: Niki Denev
Date: Sun Feb 10 2008 - 01:04:50 EST


Hi,

As the subject says the 2.6.24.1 is still vulnerable to the vmsplice
local root exploit.

[opa@test tmp]$ uname -a
Linux tester 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown
[opa@test tmp]$ ./vms

-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7f56000 .. 0xb7f88000
[+] root
[root@test tmp]#
[root@test tmp]# id
uid=0(root) gid=0(root) groups=2033(opa)
[root@test tmp]# uname -a
Linux test 2.6.24.1 #1 Sun Feb 10 00:06:49 EST 2008 i686 unknown

Is there any known fix/patch for this?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/