Kernel bug!
From
the Inquirer [link|http://www.theinquirer.net/?article=16596|Linux bug discovered]:
Linus has fixed it
o o o
Along with the code needed to use the exploit, S\ufffdther also posted several patches to 2.4 and 2.6 kernels that will keep the exploit from crashing systems. The 2.4.xx kernel patch can be found [link|http://linux.bkbits.net:8080/linux-2.4/gnupatch@40cdf6f8V7sOe5n96HA5Q7r9uDRvJQ|here]. A patch for the 2.6 kernel can be found [link|http://linux.bkbits.net:8080/linux-2.6/gnupatch@40cbb80fOHy9vCWmfUx3PVJBWei0Hw|here].
The exploit works because the Linux kernels signal handler isn't handling floating-point (FP) exceptions correctly.
Linus Torvalds has admitted that there is a path into the kernel where if there is a pending FP error, the kernel will end up taking an FP exception, and it will continue to take the FP exception forever.
Code review has value, that's for sure.
Alex
Honor has not to be won; it must only not be lost. -- Arthur Schopenhauer (1788-1860), German philosopher
