Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
From: Oliver Pinter
Date: Sun Feb 10 2008 - 07:04:50 EST
hmmm, with 2.6.22.y serie is too affected
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Feb 9 15:34:35 2008
oliver@home:~$ ./2617_26241_root_exploit
-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7f79000 .. 0xb7fab000
[+] root
root@home:~# uname -a
Linux home 2.6.22.17 #3 SMP PREEMPT Mon Feb 4 17:38:33 CET 2008 i686 GNU/Linux
root@home:~#
--
Thanks,
Oliver
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/