kdawson from the batten-the-hatches dept.
aquatix writes "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to 188.8.131.52. If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice." Here is millw0rm's proof-of-concept code.
Can't open /usr/fortunes. Lid stuck on cookie jar.