Linux Kernel 2.6 Local Root Exploit
aquatix writes "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to 2.6.24.1. If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice." Here is millw0rm's proof-of-concept code.
And the next sound you shall hear are millions of nerds rushing into their offices to compile a new kernel on a sunday afternoon... along with the millions of cell phones ringing as the bosses read this...
Karma Whoring for Fun and Profit.
I strongly suspect this code doesn't do what it says on the tin.
Phew, lucky I run MS Windows then !!
Which reminds me, have you done your emerge -abuop6QvvvvVVvVVxz world yet today?
Get your own free personal location tracker
Quick, cue the Linux apologists! Damage control! Spin it! Only noobs and bad administrators would be affected!
Yeah, this is an example of one of the millions of Linux kernel holes there are out there. Every now and then, a blackhat gets a job and wants to impress his employer so he pulls out some of his old code and polishes it up. You can tell when it happens because they are so childish that they make the exploit trivial to demonstrate and distribute it far and wide. And you just know that every blackhat who had a variant of this exploit in their personal collection are like "well thanks asshole, now I've got one less Linux kernel exploit.. bastard."
How we know is more important than what we know.
Thankfully, nobody runs Linux on enterprise-class hardware.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
However, bricks = shat.
Come on now, that simply assigns shat to bricks (and that's some nasty use of the comma operator to separate statements). I think you meant:
Note that we don't have to dispose of the bricks we shit, as that's taken care of elsewhere. And of course, if we all still wrote VAX assembler we would be able to optimise this by using the SHTBRCKS instruction.
XenoPhage
Technological Musings