Hello, community. Maybe most of you have heard that there's a bug in vmsplice(2), the local user can get the root's exploit easily. This is the test in my machine: kermit@linux-myt:~/Programming/C> id uid=1000(kermit) gid=100(users) groups=16(dialout),33(video),100(users),1111(vboxusers) kermit@linux-myt:~/Programming/C> ./vmtest ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7ed3000 .. 0xb7f05000 [+] root linux-myt:~/Programming/C # id uid=0(root) gid=0(root) groups=16(dialout),33(video),100(users),1111(vboxusers) linux-myt:~/Programming/C # uname -r 2.6.22.5-31-default linux-myt:~/Programming/C # In Kernel 2.6.24, there's also exist this bug. This bug has been repaired, you can get the information from the following link: http://lkml.org/lkml/2008/2/10/118 <http://lkml.org/lkml/2008/2/10/118> The following stable edition is for this bug: 2.6.24.2 http://lkml.org/lkml/2008/2/11/17 <http://lkml.org/lkml/2008/2/11/17> 2.6.23.16 http://lkml.org/lkml/2008/2/11/19 2.6.22.18 http://lkml.org/lkml/2008/2/11/27 Repair our system,please. By the way, using the following code, you can test you system whether this bug exist: http://www.milw0rm.com/exploits/5092 Kind regards kermit -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org