New Linux Kernel Flaw Allows Null Pointer Exploits
Trailrunner7 writes "A new flaw in the latest release of the Linux kernel gives attackers the ability to exploit NULL pointer dereferences and bypass the protections of SELinux, AppArmor and the Linux Security Module. Brad Spengler discovered the vulnerability and found a reliable way to exploit it, giving him complete control of the remote machine. This is somewhat similar to the magic that Mark Dowd performed last year to exploit Adobe Flash. Threatpost.com reports: 'The vulnerability is in the 2.6.30 release of the Linux kernel, and in a message to the Daily Dave mailing list Spengler said that he was able to exploit the flaw, which at first glance seemed unexploitable. He said that he was able to defeat the protection against exploiting NULL pointer dereferences on systems running SELinux and those running typical Linux implementations.'"
This language is called Pedantry. A pedant pedantically peddles english into pedanticism.
They create vulnerabilities by allowing remote code to overload error handlers and thus pwn your system?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
don't know why but "uname -a" was replaced by ">" in my above post...something I did
gcc -pedantic $@
Right... Because Microsoft are really losing sleep over the negative comments posted on slashdot, so they have assembled a crack team of slashdotters to game the moderation system in their favour.
You have to be kidding me.
If I had created the world I wouldn't have messed about with butterflies and daffodils. I would have started with lasers
Guys, I'm trying to decide what to post:
[ ] Downplay how serious flaw is ...or we could RFA
[ ] Compare to Window's track record
[x] Make a meta-reference to Slashdot psychology
[ ] Post work-around that doesn't fix problem
[ ] Say that flaw is a feature
[ ] bash Windows
[ ] Claim that not all Windows software is bad
[ ] Claim that the more popular gets, Linux will be targeted more
[ ] Pretend I understand the problem
Slashdot needs Geekcode | Can anyone recommend any good SCIFI? My tastes: Foundation, Startide Rising, CITY, Ringworld,
but, erm...
You're right...
I should have had that coffee first...
--- Hindsight is 20/20, but walking backwards is not the answer.
Because... so many people know the C language? And you clearly don't?
i compiled my kernel using that flag , and now it boots Windows instead.
Slipping shoelaces ?