Apologies, this won't appear in the correct thread, as I was not on this mailing list until a few moments ago.
Scott Dowdle wrote: > I haven't tried an exploit program on an OpenVZ Legacy host node to try. Anyone? I have successfully exploited a Legacy node, running kernel 2.6.32-042stab055.16 and then 2.6.32-042stab117.16. This was done using the pokemon PoC from https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c I don't run the actual host, so I don't know how things work there, but I can confirm that OpenVZ legacy nodes are vulnerable. Hopefully the patch can be backported into official channels relatively quickly. I'm personally not too concerned, as this is only a test bed for me, but anyone who runs anything sensitive/critical on an OpenVZ system should be keeping a close eye on it at the very least. William Pettersson
_______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users