On 14 Aug 2009, at 17:30, Ma, Mingchao (STFC,RAL,ESC) wrote:
>
> To uninstall/blacklist the kernel modules listed in EGEE CSIRTs
> email means you are trying to eliminate the vulnerability code, but
> the NULL pointer dereference vulnerability might also exist in
> other codes which we do not know. And NULL pointer dereference
> vulnerability is not uncommon.
It is worth remembering that, just like the earlier, related, exploit
(CVE-2009-1897) that even if the problems with mmap ing user code to
address 0 are resolved, you are still left with the kernel performing
a dereference of a null pointer. This has undefined behaviour, but
typically results in a kernel crash (due to segmentation fault).
|