Fue la gran noticia, el domingo y ayer… parece que sin embargo no ha sido noticia, que se arreglo como a las 36 horas. (Se que lo han hecho tambien en RH, SUSE y otros, pero actualmente ya no tengo en producción ningun RH, al menos a mi cargo), pero al menos en Debian ya esta resuelto…
vicm3@foo:~$ ./a.out
———————————–
Linux vmsplice Local Root Exploit
By qaaz
———————————–
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7e5c000 .. 0xb7e8e000
[-] vmsplice: Bad address
vicm3@foo:~$ uname -a
Linux foo 2.6.18-6-686 #1 SMP Sun Feb 10 22:11:31 UTC 2008 i686 GNU/Linux
De la pagina de anuncios de seguridad:
**Debian Security Advisory
DSA-1494-1 linux-2.6 — missing access checks
Date Reported:
11 Feb 2008
Affected Packages:
linux-2.6
Vulnerable:
Yes
Security database references:
In Mitre’s CVE dictionary: CVE-2008-0163, CVE-2008-0600.
More information:
The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges (CVE-2008-0600).
In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers (CVE-2008-0163).
The old stable distribution (sarge) is not affected by this problem.
For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-18etch1.
In addition to these fixes, this update also incorporates changes from the upcoming point release of the stable distribution.
The unstable (sid) and testing distributions will be fixed soon.
We recommend that you upgrade your linux-2.6 package.
[snip]
**
C’est la vie.