"As this is being written, distributors are working quickly to
ship kernel updates fixing the local root vulnerabilities in the
vmsplice() system call. Unlike a number of other recent
vulnerabilities which have required special situations (such as the
presence of specific hardware) to exploit, these vulnerabilities
are trivially exploited and the code to do so is circulating on the
net. The author found himself wondering how such a wide hole could
find its way into the core kernel code, so he set himself the task
of figuring out just what was going on - a task which took rather
longer than he had expected.
"The splice() system call, remember, is a mechanism for creating
data flow plumbing within the kernel..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.