CORE IMPACT v7.5 - Exploits Update (Mon Feb 11 2008)
Linux Kernel Vmsplice() Privilege Escalation Exploit
Exploits/Local [Linux]
Mon Feb 11 2008
Exploits missing verification of parameters in the vmsplice_to_user(), copy_from_user_mmap_sem(), and get_iovec_page_array() functions in fs/splice.c, which use those parameters to perform certain memory operations without checking them first. A specially crafted vmsplice() system call can exploit this to, for example, read or write arbitrary kernel memory, allowing an unprivileged process to elevate its privileges to root.
Exploits Vulnerability: CVE-2008-600











