Root exploit for Linux 2.6.24.1
Posted by micele - 11/02/08 at 12:02:34 pm
It’s time for a new local root exploit on the linux kernel. Two exploits have been reported. Both are based on leaky dealing with pointers regarding the function vmsplice, brought in by kernel release 2.6.17. For this reason one of the exploits works for all kernel versions from 2.6.17 to 2.6.24.1. Kernel Bug Tracker says:
Both exploits cause kernel Oops or (randomly) give root privilegies to the user.
A new kernel version 2.6.24.2 has been released and the regarding changelog reports a kind of fix. But comments like
But we also must check whether we can access the actual memory region pointed to by the struct iovec to fix the access checks properly.
still don’t sound like 100% fixed and reliable…
-
Search
Powered by WordPress with GimpStyle Theme design by Horacio Bella. Get Entries and comments.