zcat@mandela:~$ ./vmsplice <br>-----------------------------------<br>&nbsp;Linux vmsplice Local Root Exploit<br>&nbsp;By qaaz<br>-----------------------------------<br>[+] mmap: 0x0 .. 0x1000<br>[+] page: 0x0<br>[+] page: 0x20<br>[+] mmap: 0x4000 .. 0x5000<br>
[+] page: 0x4000<br>[+] page: 0x4020<br>[+] mmap: 0x1000 .. 0x2000<br>[+] page: 0x1000<br>[+] mmap: 0xb7fbe000 .. 0xb7ff0000<br>[+] root<br>root@mandela:~# <br><br><br>OUCH!!!!<br><br>Exploit is here; <a href="http://www.milw0rm.com/exploits/5092">http://www.milw0rm.com/exploits/5092</a><br>
<br>Instant temporary fix (zaps the live kernel with a NOP in the appropriate place) is mentioned here;http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953#14<br>Actual code for fix; <a href="http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c">http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c</a><br>
<br>