Blogs

Linux kernel vmsplice() local privilege escalation exploit

http://secunia.com/advisories/28835/ - A bug in the vmsplice() call in the Linux kernel can allow a local user to escalate privileges to root. Sample code is available and has been verified as working. This bug affects kernel version 2.6.17 - 2.6.24.1, although the privilege escalation only works in the extended version of vmsplice() in 2.6.23 - 2.6.24. A patch partially fixing the bug is available in 2.6.24.2.

Linux kernel vmsplice() local privilege escalation exploit

http://secunia.com/advisories/28835/ - A bug in the vmsplice() call in the Linux kernel can allow a local user to escalate privileges to root. Sample code is available and has been verified as working. This bug affects kernel version 2.6.17 - 2.6.24.1, although the privilege escalation only works in the extended version of vmsplice() in 2.6.23 - 2.6.24. A patch partially fixing the bug is available in 2.6.24.2.

Linux kernel vmsplice() local privilege escalation exploit

http://secunia.com/advisories/28835/ - A bug in the vmsplice() call in the Linux kernel can allow a local user to escalate privileges to root. Sample code is available and has been verified as working. This bug affects kernel version 2.6.17 - 2.6.24.1, although the privilege escalation only works in the extended version of vmsplice() in 2.6.23 - 2.6.24. A patch partially fixing the bug is available in 2.6.24.2.

Mac OS 10.5.1 update released

http://docs.info.apple.com/article.html?artnum=307004 - The Block all incoming connections setting for the Application Firewall allows any process running as user root (UID 0) to receive incoming connections, and also allows mDNSResponder to receive connections. This could result in the unexpected exposure of network services, as the original description is misleading. Please take this into account when locking down your OS 10.5 system.

Pages