The Register: Major Linux Security Glitch Lets Hackers in at
"A major security vulnerability in the Linux kernel, which was
revealed on Sunday, has claimed its first confirmed UK victim in
business ISP Claranet.
"Hackers used a bug in the sys_vmsplice kernel call, which
handles virtual memory management, to gain root privileges and
replace Claranet customers' index.html files with the hacker's
"Not long after we reported that there was a major security hole
in Linux, the Linux kernel developers came up with a permanent
patch for the problem.
"The security hole was with the relatively new Linux kernel
system call sys_vmsplice. This system call moves data from a user
space memory address range via a pipe to another destination. It's
present in Linuxes using the Linux kernel from Version 2.6.17 to
what had been the latest production Linux kernel, 22.214.171.124..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.