A survey of recent kernel vulnerabilities
Posted Oct 20, 2005 23:47 UTC (Thu) by tialaramex
Parent article: A survey of recent kernel vulnerabilities
"A hostile UDP packet could cause the 8021Q VLAN code to oops" doesn't really match either the longer and more detailed explanation in the linked Debian bug report, or the supplied patch, or the stacktrace recorded.
Those tell another story, which is that a privileged ioctl() was faulty, and this ioctl() was used by an SNMP daemon which answers UDP packets. No SNMP daemon, no exploit.
In this sense the ptrace() bug is also remotely exploitable, you just ssh into the affected machine and execute an exploit.
to post comments)