Comment 43 for bug 190587

ismail (ismailh) wrote :

The exploit does not seem to work on feisty:
$ gcc vmsplice.c -o vmsp
$ ./vmsp
-----------------------------------
 Linux vmsplice Local Root Exploit
 By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7e20000 .. 0xb7e52000
Segmentation fault (core dumped)

But the exploit works on Gusty and the fix in http://home.powertech.no/oystein/ptpatch2008/ptpatch2008.c seems to work:

Remember that the Makefile (http://home.powertech.no/oystein/ptpatch2008/Makefile) has to be downloaded also. After you run make all, there will be a kernel module called ptpatch2008.ko in the same directory. Insert the module into the kernel:
#insmod ptpatch2008.ko

This will prevent the privilege escalation as long as the machine is not rebooted. You can also insert the module at startup in the event the machine is rebooted. This has worked for me so far, until we get an official fix in the repository.