Author: zimage

  • Linux kernel vmsplice root exploit

    Two strings walk into a bar. The first says, “Hello, I’d like a ciderO’y?kI’U`,E’*@???’?? ?!>A~Xx?(y’n?.” The second says, “Please excuse my friend, he’s not null-terminated.”

    If you are running a Linux kernel newer than 2.6.17 but older than 2.6.24.2 or 2.6.23.16, then any local user can easily become root or at least crash your system.

    There are actually two different security issues related to the vmsplice() system call, and both of them can lead to local privilege escalation. This is especially bad for people who don’t fully control the content on, and access to, their servers – e.g. web hosting companies. The other bad news is that vmsplice() is part of the core kernel and there is no configuration option to exclude it.

    Two separate exploits have been publicly released, one for each of the two issues.

    The first issue was classified as CVE-2008-0009 and CVE-2008-0010 and was fixed in Linux kernels 2.6.23.15 and 2.6.24.1.

    The situation with the second issue, classified as CVE-2008-0600, was much worse. It was introduced with the initial implementation of vmsplice() and affects all kernels from 2.6.17 onward. There was an exploit in the wild for more than 24 hours without a proper fix for the problem. I’m sure that even though there are patched versions now – Linux 2.6.24.2 and 2.6.23.16 – at least 2-3 more days will pass before the number of vulnerable systems is reduced enough.

    IMHO this is one of the worst 0-day Linux kernel exploits in years. I hope it won’t happen again soon. But you should be careful, because all this has happened before and will definitely happen again someday.
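    As an added example (not part of the original post), here is a small inventory check that classifies a `uname -r` string against the version ranges given above for CVE-2008-0600; the function names and the sample release strings are my own.

```python
import platform
import re

# Affected range as stated in the post: every kernel from 2.6.17 onward is
# vulnerable unless it carries the fix from stable release 2.6.23.16 or 2.6.24.2.
FIRST_AFFECTED = (2, 6, 17, 0)
FIXED_IN = {
    (2, 6, 23): (2, 6, 23, 16),
    (2, 6, 24): (2, 6, 24, 2),
}


def parse_kernel_version(release):
    """Turn a `uname -r` string such as '2.6.24.1-smp' into a 4-tuple of ints.

    Distribution suffixes after '-' are ignored; a missing fourth component
    (e.g. '2.6.24') counts as .0.
    """
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    major, minor, patch, sub = m.groups()
    return (int(major), int(minor), int(patch), int(sub or 0))


def vulnerable_to_vmsplice(release):
    """True if the kernel version falls inside the affected range from the post."""
    v = parse_kernel_version(release)
    if v < FIRST_AFFECTED:
        return False
    fixed = FIXED_IN.get(v[:3])
    if fixed is not None:
        # Inside a stable series that received a fix: compare against it.
        return v < fixed
    # 2.6.17 .. 2.6.22 have no fixed release listed in the post, so they stay
    # flagged; anything newer than the 2.6.24 series postdates 2.6.24.2.
    return v[:3] < (2, 6, 23)


if __name__ == "__main__":
    running = platform.release()
    state = "VULNERABLE" if vulnerable_to_vmsplice(running) else "not affected"
    print("%s: %s (by version number only)" % (running, state))
```

    A plain version comparison is only a first pass: distribution kernels often backport the fix without bumping the upstream version, so confirm against your vendor's advisory before trusting a "vulnerable" verdict.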

  • hello, world

    Did you know that the tradition of using the phrase “Hello world!” as a test message was influenced by an example program in the book The C Programming Language? The example program from that book was inherited from a 1974 Bell Laboratories internal memorandum by Brian Kernighan, Programming in C: A Tutorial.

    I’ve been in two minds about blogging for a couple of years. I didn’t want one more thing to waste time on, especially bearing in mind that I’m writing challenged (actually communication challenged). Being an introvert type, I expend a great deal of mental energy trying to express myself.

    Anyway, I hope communication is a skill and can be improved by practicing it, so in the long run it may turn out to be a reason to blog rather than not to.

    Another thing is that, like most people, I forget. A few days ago I stumbled upon a Linux-related mailing list archive and it was really funny to reread my own posts from 8-9 years ago. Likewise, now when Antonia and I wonder when something happened, we just go to her blog and check. I hope I will have the patience and persistence to update this blog regularly so that it becomes a valuable database of memories.

    And last but not least: I’ll be preparing for the IELTS certification soon, so blogging in English is one more way to exercise.

    Originally I wanted to write about many more things in this post but I don’t want to become boring. So here I stop and as Vetinari would have said: “And now, please, I’m sure you all are very busy, don’t let me detain you”!