Re: rPSA-2006-0122-1 kernel

[Paul Starzetz <paul () starzetz de>]

Justin M. Forbes wrote:

> Description:
>    Previous versions of the kernel package are vulnerable to two denial
>    of service attacks.  The first allows any local user to fill up file
>    systems by causing core dumps to write to directories to which they
>    do not have write access permissions.  The second applies only to
>  
I really wonder why in the recent past there is a tendence to declare 
such things as "denial of service" etc - while they are perfect root 
backdoors / vulns

*B000M* you are in one minut^K^K^Ke later...

Maybe this is just to hide the overall bad quality of the 2.6 kernel 
code? *just guessing*

Anyway CVE-2006-2451 is trivially exploitable so I don't attach any 
exploit code since it is obvious...

Paul Starzetz