Vmsplice() local root exploit

The vmsplice() local root exploit was a short-lived vulnerability in the Linux kernel that allowed a user with shell access to mount a privilege escalation attack to gain root privileges against a system running versions of the kernel later than 2.6.17.^[1]^[2] This remained unpatched for several days, but was fixed in kernel version 2.6.24.2. ^[1]

References

^ ^a ^b Purczynskiof, Wojciech (2008-02-11). "Linux Kernel "vmsplice()" System Call Vulnerabilities". Secunia. Retrieved 2008-04-16. {{cite news}}: Check date values in: |date= (help); Unknown parameter |coauthors= ignored (|author= suggested) (help)
^ Dawson (2008-02-10). "Linux Kernel "vmsplice()" System Call Vulnerabilities". Slashdot. SourceForge. Retrieved 2008-04-16. {{cite news}}: Check date values in: |date= (help); Cite has empty unknown parameter: |coauthors= (help)

[Secunia-1] Purczynskiof, Wojciech (2008-02-11). "Linux Kernel "vmsplice()" System Call Vulnerabilities". Secunia. Retrieved 2008-04-16. {{cite news}}: Check date values in: |date= (help); Unknown parameter |coauthors= ignored (|author= suggested) (help)

[2] Dawson (2008-02-10). "Linux Kernel "vmsplice()" System Call Vulnerabilities". Slashdot. SourceForge. Retrieved 2008-04-16. {{cite news}}: Check date values in: |date= (help); Cite has empty unknown parameter: |coauthors= (help)

[1]

[2]