USA Linux Users Group Forum Index
Log in Register FAQ Memberlist Search USA Linux Users Group Forum Index Album

Security alert (vmsplice root exploit)

 
Post new topic   Reply to topic   printer-friendly view    USA Linux Users Group Forum Index » System Administration and Security
View previous topic :: View next topic  
Author Message
Colonel Panic
New Member


Joined: 11 Sep 2025
Posts: 22
Location: Nebraska
PostPosted: Tue Feb 12, 2025 1:35 am    Post subject: Security alert (vmsplice root exploit) Reply with quote
There's a bug in the kernel (now fixed) that allows a user to gain root access. It's been all over the news, I think, but I wanted to at least mention it here.

Malicious code is at:
http://www.milw0rm.com/exploits/5092

Example run:
Code:

nobody$ ./exploit

[..]

[+] mmap: 0xb7f29000 .. 0xb7f5b000

[+] root

root# ^D


Discussion of bug and patch/fix can be found here:

http://kerneltrap.org/mailarchive/linux-kernel/2008/2/11/810994



_________________
gNewSense 1.1 (www.gnewsense.org/)
GNUmach-1.3 (www.gnu.org/software/hurd/)
Back to top
View user's profile Send private message AIM Address
jada
Linux Guru


Joined: 13 May 2025
Posts: 3064
Location: Sun City, CA 92585
PostPosted: Tue Feb 12, 2025 2:39 am    Post subject: Reply with quote
It's allready fixed in the new kernel updates 02/11/2008 and in Archlinux Kernel 2.6.24.1-2



_________________
openSUSE 11.1 Desktop KDE 4.3.1 buildservice Factory
Linux Mint 7 Desktop Gnome
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger
crouse
Site Admin


Joined: 17 Apr 2025
Posts: 11833
Location: Iowa
PostPosted: Tue Feb 12, 2025 3:11 am    Post subject: Reply with quote
ditto what jada said....... I updated all my machines today. Not that anyone that has local access to my machines would even begin to know how to do exploit it anyway.



_________________
Veronica - Arch Linux 64-bit -- Kernel 2.6.33.4-1
Archie/Jughead - Arch Linux 32-bit -- Kernel 2.6.33.4-1
Betty/Reggie - Arch Linux (VBox) 32-bit -- Kernel 2.6.33.4-1
BumbleBee - OpenSolaris-SunOS 5.11
Back to top
View user's profile Send private message Visit poster's website AIM Address
Germ
Keeper of the BIG STICK


Joined: 30 Apr 2025
Posts: 12452
Location: Planet Earth
PostPosted: Tue Feb 12, 2025 11:51 am    Post subject: Reply with quote
I updated, too. I really wasn't too concerned about it. It is only a local vulnerability. If you don't have any untrusted user accounts on your system, it's just not a big deal.



_________________
Laptop: Mandriva 2025 PowerPack - 2.6.33.5-0.2mnb
Desktop: Mandriva 2025 Free - kernel 2.6.33.2-1mib
Back to top
View user's profile Send private message Send e-mail Yahoo Messenger
JP
Linux Guru


Joined: 07 Jul 2025
Posts: 6670
Location: Central Montana
PostPosted: Tue Feb 12, 2025 6:08 pm    Post subject: Reply with quote
Germ wrote:
I updated, too. I really wasn't too concerned about it. It is only a local vulnerability. If you don't have any untrusted user accounts on your system, it's just not a big deal.
Since I'm the only one in the house that will use Linux, and I don't have M$WNDOZ on this box, I guess I'm safe Laughing Laughing
....... but I guess I will upgrade .... it's time, I think.



_________________
Dell Box - Arch Linux
Dell Lappy - DreamLinux 3.5 - Default OS
Mepis 8.0 - Backup
Back to top
View user's profile Send private message Visit poster's website
JP
Linux Guru


Joined: 07 Jul 2025
Posts: 6670
Location: Central Montana
PostPosted: Tue Feb 12, 2025 6:16 pm    Post subject: Reply with quote
crouse wrote:
ditto what jada said....... I updated all my machines today. Not that anyone that has local access to my machines would even begin to know how to do exploit it anyway.

crouse - approximately how long (hours/minutes) does it take for one of your slower Arch machines to dist-upgrade? Just curious ...... Smile Smile



_________________
Dell Box - Arch Linux
Dell Lappy - DreamLinux 3.5 - Default OS
Mepis 8.0 - Backup
Back to top
View user's profile Send private message Visit poster's website
jada
Linux Guru


Joined: 13 May 2025
Posts: 3064
Location: Sun City, CA 92585
PostPosted: Tue Feb 12, 2025 6:36 pm    Post subject: Reply with quote
JP wrote:
crouse wrote:
ditto what jada said....... I updated all my machines today. Not that anyone that has local access to my machines would even begin to know how to do exploit it anyway.

crouse - approximately how long (hours/minutes) does it take for one of your slower Arch machines to dist-upgrade? Just curious ...... Smile Smile


Just a note from me, on my slowest PC A PIII 1,2Ghz with with 3x128MB it takes in daily update between 1 Minute to 30 Minutes. A complet rolling release on another semilar machines how was 4 mounth not updated, it have take around two hours including ~ 600Mb downloads.



_________________
openSUSE 11.1 Desktop KDE 4.3.1 buildservice Factory
Linux Mint 7 Desktop Gnome
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Rootboy
Sr. Member


Joined: 11 Aug 2025
Posts: 1947
Location: Lewisburg, Tennessee
PostPosted: Wed Feb 13, 2025 2:08 am    Post subject: Reply with quote
crouse wrote:
ditto what jada said....... I updated all my machines today. Not that anyone that has local access to my machines would even begin to know how to do exploit it anyway.


Exactly.

Local exploits don't get me excited since if anyone has access to my PC then I'm hosed anyways.
Back to top
View user's profile Send private message
JP
Linux Guru


Joined: 07 Jul 2025
Posts: 6670
Location: Central Montana
PostPosted: Wed Feb 13, 2025 2:39 am    Post subject: Reply with quote
Sorry jada, I had thought I deleted that post .... I started a new thread to keep from crapping this thread .... I upgraded to the 2.6.24.2 kernel today, so the exploit should be covered ........ sehr gut?



_________________
Dell Box - Arch Linux
Dell Lappy - DreamLinux 3.5 - Default OS
Mepis 8.0 - Backup
Back to top
View user's profile Send private message Visit poster's website
inactive
Sr. Member


Joined: 29 Aug 2025
Posts: 1207
PostPosted: Wed Feb 13, 2025 4:42 pm    Post subject: Reply with quote
MDV's fix broke it. lolol. I'm not even bothering to update it.

Post after post after post of update issues over yonder.



_________________
Mandriva 2025.1 PWP
Mandriva Cooker
ArtistX live
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic   printer-friendly view    USA Linux Users Group Forum Index » System Administration and Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All content © 2025-2009 - Usa Linux Users Group
This forum is powered by phpBB. © 2025-2009 phpBB Group
Theme created by phpBBStyles.com and modified by Crouse