Kernel privledge escalation links

Hey Kevin, Veter, whoever’s reading this. There’s an exploit going around and almost every linux kernel from 2.6.17 to is vulnerable. It allows a user with access to a compiler, the ability to compile 1 .c file and run it to become root.

The exploit:

(to use it, save the code, run: gcc filename-of-saved.c -o whatever && ./whatever )

The in-memory fix:

This does fix the vmsplice exploit, and you compile and run it the same way you run the exploit, but it seems that it may also open up a DoS condition…Not sure which is worse or if it’s worth the risk.

The upstream kernel fixes: &

These are the fixes if you choose to compile a kernel, also, the kernel has the fixes already in.

There should be new kernel packages in all the distros (we mainly run CentOS…and i’m assuming they will probably have the packages in byWednesday at the latest) by mid-week, but in order for them to apply, we’d need to reboot them.



One Response to “Kernel privledge escalation links”

  1. Erek Dyskant Says:

    I’ve rolled an unofficial kernel with the splice at:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: