> but seems to be another solution which apparently compiles to a kernel > module which will catch and report attempts to (ab)use vmsplice at > http://home.powertech.no/oystein/ptpatch2008/ptpatch2008.c
I've just tried to compile this module. It successfully insmod'ed: Feb 11 12:54:29 zigzag kernel: ptpatch2008: init, (c) 2008 [EMAIL PROTECTED] Feb 11 12:54:29 zigzag kernel: ptpatch2008: syscalls c02ea3c0 Feb 11 12:54:29 zigzag kernel: hooked sys_vmsplice However exploit code from the top of http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 still works: [EMAIL PROTECTED]:~/adm/hotfix> ./exploit ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7d97000 .. 0xb7dc9000 [+] root [EMAIL PROTECTED]:~/adm/hotfix> whoami root -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
