[vserver] Patched base.c file for the CVE-2012-0056 root privilege escalation exploit for the 3.0.17 VServer kernel

From: Jean Weisbuch <jean_at_phpnet.org>
Date: Mon 23 Jan 2012 - 23:10:57 GMT
Message-ID: <4F1DE901.7030307@phpnet.org>

Hello everyone,

The kernel >=2.6.39 are vulnerable to a privilege escalation exploit
related to /proc/<pid>/mem, i tested one of the available exploit on a
3.0.9 VServer kernel and it allow any unprivileged user on the host
system but also on guests to gain root privilege ; for more infos about
it : http://blog.zx2c4.com/749

I patched a VServer patched base.c with the Linus patch
(http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e268337dfe26dfc7efd422a804dbb27977a3cccc#patch1)
from the 3.0.17 sources (from the linux-source-3.0.17-vs2.3.2.1-beng
package), i had to manually patch the chunck #1 which was rejected at
first but the others didnt make any complaint.

Here is the patched base.c file : http://jbboin.phpnet.org/base.c

I am now compiling a kernel package with this patch, will share the
package as soon as it finished compiling (and if it seems to work).

Regards.
Received on Mon Jan 23 23:11:14 2012

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Mon 23 Jan 2012 - 23:11:15 GMT by hypermail 2.1.8