Slashdot Mirror


New Linux Kernel Flaw Allows Null Pointer Exploits

Trailrunner7 writes "A new flaw in the latest release of the Linux kernel gives attackers the ability to exploit NULL pointer dereferences and bypass the protections of SELinux, AppArmor and the Linux Security Module. Brad Spengler discovered the vulnerability and found a reliable way to exploit it, giving him complete control of the remote machine. This is somewhat similar to the magic that Mark Dowd performed last year to exploit Adobe Flash. Threatpost.com reports: 'The vulnerability is in the 2.6.30 release of the Linux kernel, and in a message to the Daily Dave mailing list Spengler said that he was able to exploit the flaw, which at first glance seemed unexploitable. He said that he was able to defeat the protection against exploiting NULL pointer dereferences on systems running SELinux and those running typical Linux implementations.'"

2 of 391 comments

  1. Re:Double standards by Dunbal · Score: 0, Troll

    Either slashdotters don't run Linux anymore, or Windows has actually grown to a nice product.

    OR, Microsoft has a team of paid shills with several slashdot accounts each to "adjust" moderation in their favor and flame anyone who dares say anything about THAT PIECE OF SHIT SOFTWARE COMPANY we call Microsoft.

    --
    Seven puppies were harmed during the making of this post.
  2. Re:Wait, what? by mal0rd · Score: 0, Troll

    Right, because:

    if (!flag) // looks like I'm testing a pointer??
    if (!count) // looks like I'm testing a flag??
    if (!ptr) // looks like I'm testing a counter??

    Not only should the name give a clue, but the type of the variable should be available within the past 50 lines or so. I have a bigger problem with the readability of complex conditionals and the !ptr syntax helps. Actually I'm interested if you can give an example of good code where ptr == NULL is more clear than !ptr.