[PATCH] vm: splice local root exploit fix for 2.6.22.y

    Based on Bastian Blank's patch
    Fix for CVE_2008_0009 and CVE_2008-0010

    Signed-off-by: Oliver Pinter <oliver.pntr@gmail.com>

Index: linux-2.6.22-source/fs/splice.c
===================================================================
--- linux-2.6.22-source.orig/fs/splice.c
+++ linux-2.6.22-source/fs/splice.c
@@ -1181,6 +1181,12 @@
 		if (unlikely(!base))
 			break;
 
+		/* CVE-2008-0009, CVE-2008-0010 fix */
+		if(!access_ok(VERIFY_READ, base, len)) {
+			error = -EFAULT;
+			break;
+		}
+
 		/*
 		 * Get this base offset and number of pages, then map
 		 * in the user pages.