Debian
linux package

mmap() local root exploit (via sys_vmsplice)

Bug #190591 reported by William Pitcock on 2008-02-10

This bug report is a duplicate of: Bug #190587: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice). Edit Remove

264

Affects		Status	Importance	Assigned to	Milestone
	linux (Debian)	Fix Released	Unknown	debbugs #464953
	linux-source-2.6.22 (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: linux-source-2.6.22

There is a security hole in all versions of linux-2.6 distributed by Ubuntu, including Feisty's and Gutsy's kernels.
The attached exploit code can be used to test if a kernel is vulnerable, it starts a root shell.

NOTE: This exploit is suspected to also cause a DoS against Xen.

CVE References

Revision history for this message

William Pitcock (nenolod) wrote on 2008-02-10:

Example exploit to check for vulnerability, starts a root shell. Edit (5.7 KiB, text/plain)

Bug Watch Updater (bug-watch-updater) on 2008-02-10

Changed in linux:
status:	Unknown → New

Bug Watch Updater (bug-watch-updater) on 2008-02-11

Changed in linux:
status:	New → Fix Committed

Bug Watch Updater (bug-watch-updater) on 2008-02-13

Changed in linux:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #190587 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Example exploit to check for vulnerability, starts a root shell. Edit

Add attachment

Remote bug watches

debbugs #464953
[done critical security patch] Edit

Bug watches keep track of this bug in other bug trackers.

Debianlinux package