> Also worth noting is the fact that ordinary buffer overflow protection may
> well have not been effective against this vulnerability. The return address
> on the stack was not overwritten, and no exploit code was put in data
Has there been any talk about extending NX (no-execute) style page
protection to within kernel space itself, to prevent it from executing
code residing in user-space pages?