11 Feb
2008
11 Feb
'08
1:49 a.m.
zcat(a)mandela:~$ ./vmsplice ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7fbe000 .. 0xb7ff0000 [+] root root(a)mandela:~# OUCH!!!! Exploit is here; http://www.milw0rm.com/exploits/5092 Instant temporary fix (zaps the live kernel with a NOP in the appropriate place) is mentioned here;http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953#14 Actual code for fix; http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c