blog ntic de revolunet » kernel http://blog.revolunet.com Blog des Nouvelles Technologies de l'Information et de la Communication Tue, 10 Aug 2010 13:02:27 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 vmsplice exploit fix and patching on Debian http://blog.revolunet.com/index.php/reseau/administration/vmsplice-exploit-fix-and-patching-on-debian http://blog.revolunet.com/index.php/reseau/administration/vmsplice-exploit-fix-and-patching-on-debian#comments Mon, 11 Feb 2008 18:00:06 +0000 drax http://sweon.net/2008/02/vmsplice-exploit-fix-and-patching-on-debian = 2.6.17 Fixed in version: 2.6.24.2 Fix You can download the vmsplice patch locally [...]]]> Some vulnerabilities in the Linux kernel where publicly disclosed on the 8th of February 2008. These can be exploited by any user to gain elevated privileges. A “local root” exploit was published Sunday which allows an arbitrary user to escalate to root privileges.

Affected versions: >= 2.6.17
Fixed in version: 2.6.24.2

Fix

You can download the vmsplice patch locally or from the official LKML thread: [PATCH] vmsplice exploit fix

Patching on Debian Etch

Update 12/02/08: Debian repositories have been updated and contain patched kernels. If you’re using a stock kernel, the following two commands should sort you out (providing you reboot afterwards).

aptitude update
aptitude upgrade

Install kernel sources

export KVER=`uname -r`
aptitude update
aptitude install linux-source-${KVER}
cd /usr/src
tar -xjf linux-source-${KVER}.tar.bz2
ln -s linux-source-${KVER} linux
cd linux

Patch kernel sources

patch < vmsplice.patch -p1

Compile kernel and install

You'll want to copy your existing kernel configuration.

cp /boot/config-${KVER} .config
make-kpkg clean
make-kpkg --initrd --append-to-version=-mykernelname kernel_image
cd ..
dpkg -i linux-image-${KVER}-mykernelname_${KVER}-mykernelname-10.00.Custom_i386.deb
reboot

References

]]> http://blog.revolunet.com/index.php/reseau/administration/vmsplice-exploit-fix-and-patching-on-debian/feed 8