209533 – sys-kernel/gentoo-sources-2.6.24-r1: vmsplice() exploit still works?

Bug 209533 - sys-kernel/gentoo-sources-2.6.24-r1: vmsplice() exploit still works?

Summary: sys-kernel/gentoo-sources-2.6.24-r1: vmsplice() exploit still works?

Status:	RESOLVED DUPLICATE of bug 209460

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	AMD64 Linux

Importance:	High critical (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-02-10 14:32 UTC by cnu
Modified:	2008-02-10 14:33 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description cnu 2008-02-10 14:32:43 UTC

I *think* vmsplice() root exploit still works. I installed gentoo-sources-2.6.24-r1 now, and nothing changed ^^ likewhoa said I should file bug :p I have amd64 if that matters.

http://www.milw0rm.com/exploits/5092

Reproducible: Always

Steps to Reproduce:
$ uname -a
Linux cnupc 2.6.24-gentoo-r1 #3 SMP PREEMPT Sun Feb 10 15:10:52 CET 2008 x86_64 Intel(R) Core(TM)2 Quad CPU @ 2.40GHz GenuineIntel GNU/Linux

$ ./getroot
-----------------------------------
 Linux vmsplice Local Root Exploit
 By qaaz
-----------------------------------
[+] mmap: 0x100000000000 .. 0x100000001000
[+] page: 0x100000000000
[+] page: 0x100000000038
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4038
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0x2aab81994000 .. 0x2aab819c6000
[+] root
cnupc getroot # whoami
root


Expected Results:  
Not given me root I think :p

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2008-02-10 14:33:48 UTC


*** This bug has been marked as a duplicate of bug 209460 ***