Tom Horsley wrote:
On Sun, 19 Jul 2009 09:47:44 -0700
Daniel B. Thurman wrote:
Is this "old news", rehashed (news) hype, or what?
Sounds like a compiler bug to me. If the compiler is removing
a null pointer check for a pointer which could in fact be
null, then clearly the optimizer has gone off the deep end.
I do love that it only happens on systems with selinux or
pulseaudio, both of which I eradicate to the fullest extent
possible as soon as I finish the initial install :-).
It is done via compiler optimization. Look at the link aprovided
nd there also another link within that provides the source code
to demonstrate the exploit. There is also in the comments, several
uTube videos with demonstration and so that means those hackers
that wish to start exploiting are gonna have a field day?
The authors seems to be "bashing" SELinux and Pulse Audio
as they claim that both weakens security and gives details
of this.
Have a read of the exploit.c code and judge for yourself?
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines