[Dailydave] On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns
Michal Zalewski
lcamtuf at dione.ids.pl
Mon Mar 5 09:50:49 EST 2007
On Mon, 5 Mar 2007, Michal Zalewski wrote:
> The flaw is caused by a missing check that allows you to gain access to
> the first physical page of memory, which you can then read or write.
And yeah, that's incorrect. I misread the exploit; it indeed relies on
planting readable 0x0000000 in process memory for the kernel to tap into.
That doesn't change the fact I (somewhat) disagree with the naming of this
flaw, but yeah, I suck, among other things, for typing faster than I
read.
Regards,
/mz