mmap() local root exploit (via sys_vmsplice)

Bug #190591 reported by William Pitcock on 2008-02-10
Affects Status Importance Assigned to Milestone
linux (Debian)
Fix Released
linux-source-2.6.22 (Ubuntu)

Bug Description

Binary package hint: linux-source-2.6.22

There is a security hole in all versions of linux-2.6 distributed by Ubuntu, including Feisty's and Gutsy's kernels.
The attached exploit code can be used to test if a kernel is vulnerable, it starts a root shell.

NOTE: This exploit is suspected to also cause a DoS against Xen.

CVE References

Changed in linux:
status: Unknown → New
Changed in linux:
status: New → Fix Committed
Changed in linux:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.