CVE-2008-0010

Linux kernel <2.6.25 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0010. PoCs published by qaaz.

AI-analyzed exploit summary This exploit leverages the vmsplice vulnerability (CVE-2008-0600) in Linux kernels 2.6.23-2.6.24 to achieve local privilege escalation by manipulating kernel memory and overwriting process credentials.

Description

The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.

Exploits (2)

exploitdb WORKING POC VERIFIED

by qaaz · clocallinux

https://www.exploit-db.com/exploits/5093

View Code ZIP pw:eip

This exploit leverages the vmsplice vulnerability (CVE-2008-0600) in Linux kernels 2.6.23-2.6.24 to achieve local privilege escalation by manipulating kernel memory and overwriting process credentials.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Linux kernel 2.6.23 - 2.6.24

No auth needed

Prerequisites: Local access to the vulnerable system · Kernel version 2.6.23-2.6.24

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

clocallinux

https://www.exploit-db.com/exploits/5092

View Code ZIP pw:eip

This is a functional local privilege escalation exploit for CVE-2008-0010, targeting a vulnerability in the Linux kernel's vmsplice system call (versions 2.6.17 to 2.6.24.1). The exploit manipulates kernel memory structures to escalate privileges to root by corrupting the current process's credential structure.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Linux kernel 2.6.17 - 2.6.24.1

No auth needed

Prerequisites: Local access to a vulnerable Linux system · Kernel version within the affected range

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (13)

Core 13

Core References

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2008/dsa-1494

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27796

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28875

Exploit x_refsource_confirm

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/0487/references

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/487982/100/0/threaded

Exploit x_refsource_misc

http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28896

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28835

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5093

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27704

Scores

EPSS 0.0022

EPSS Percentile 45.5%

Details

CWE

CWE-20

Status published

Products (19)

linux/linux_kernel 2.6.22 (2 CPE variants)

linux/linux_kernel 2.6.22.1

linux/linux_kernel 2.6.22.3

linux/linux_kernel 2.6.22.4

linux/linux_kernel 2.6.22.5

linux/linux_kernel 2.6.22.6

linux/linux_kernel 2.6.22.7

linux/linux_kernel 2.6.22.16

linux/linux_kernel 2.6.23 (3 CPE variants)

linux/linux_kernel 2.6.23.1

... and 9 more

Published Feb 12, 2008

Tracked Since Feb 18, 2026