US-CERT has received information that public exploit information is available for a vulnerability affecting Linux kernels 2.6.17 to 2.6.24.1. These kernel versions contain a buffer overflow vulnerability in the get_user_pages function which may allow an unprivileged local attacker to gain root privileges.

US-CERT encourages users to upgrade to Linux kernel version 2.6.24.2.

US-CERT will provide more information as it becomes available.