OpenVZ Forum: Users » kernel exploit in the wild

Home » Mailing lists » Users » kernel exploit in the wild

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: kernel exploit in the wild [message #27139 is a reply to message #27138]

Mon, 11 February 2008 01:56

Steve Wray
Messages: 18
Registered: August 2007

Junior Member

John Maclean wrote:
> There's a kernel exploit in the wild [0]. I've run it on a couple of
> nodes and it __does__ allow a non-root user root access. Has any one
> tried it on a Hardware node or within a VE? Within a VE all I got was a
> kernel oops and it was too low-level for me to decypher...
> 
> [0] https://bugzilla.redhat.com/show_bug.cgi?id=432229

I tried it.

On a VE it gives a segfault

./a.out
-----------------------------------
  Linux vmsplice Local Root Exploit
  By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7e37000 .. 0xb7e69000
Segmentation fault

If you go and have a look at the host theres an oops:

BUG: unable to handle kernel NULL pointer dereference at virtual address 
00000000

The system becomes unstable after this.

Report message to a moderator

[Message index]

		kernel exploit in the wild By: John Maclean on Mon, 11 February 2008 01:40
		Re: kernel exploit in the wild By: Steve Wray on Mon, 11 February 2008 01:56

Previous Topic:	Error with 2.6.24 and VLAN devices
Next Topic:	problems wit 2.6.24 from git

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Tue Nov 19 16:05:28 GMT 2024

Total time taken to generate the page: 0.03572 seconds