信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

> There is a security hole "splice: missing user pointer access verification
> (CVE-2008-0009/10)"  (exploit exist as proof of concept) for all kernels
> between 2.6.12-2.6.24.1 (included) which allows any user get root access
> --

vmsplice() has cause several vulnerabilities recently, and it's
trivial to exploit:

http://forum.eviloctal.com/thread-32206-1-1.html

There are patches and updated kernel packages appearing for the various *nixs:

http://kerneltrap.org/Linux/Patc ... _Local_Root_Exploit

一些临时的解决方法：
http://www.avertlabs.com/researc ... l-vmsplice-exploit/