Apologies, this won't appear in the correct thread, as I was not on this
mailing list until a few moments ago.


Scott Dowdle wrote:
> I haven't tried an exploit program on an OpenVZ Legacy host node to try.
Anyone?

I have successfully exploited a Legacy node, running kernel
2.6.32-042stab055.16 and then 2.6.32-042stab117.16. This was done using the
pokemon PoC from
https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c

I don't run the actual host, so I don't know how things work there, but I
can confirm that OpenVZ legacy nodes are vulnerable. Hopefully the patch
can be backported into official channels relatively quickly. I'm personally
not too concerned, as this is only a test bed for me, but anyone who runs
anything sensitive/critical on an OpenVZ system should be keeping a close
eye on it at the very least.

William Pettersson
_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users

Reply via email to