bugzilla@redhat.com wrote: > Paul Starzetz discovered a flaw in return value checking in mremap() > in the Linux kernel versions 2.4.24 and previous that may allow a local > attacker to gain root privileges. No exploit is currently available; > ... There is an Proof-of-concept exploit available: http://www.derkeiler.com/Mailing-Lists/Securiteam/2004-02/0052.html Ulrich Keil -- http://www.derkeiler.com PGP Fingerprint: 5FA4 4C01 8D92 A906 E831 CAF1 3F51 8F47 1233 9AAD Public key available at http://www.derkeiler.com/uk/pgp-key.asc
