The details on loading rootkits via /dev/mem
Posted Apr 29, 2009 9:01 UTC (Wed) by hppnq
In reply to: The details on loading rootkits via /dev/mem
Parent article: The details on loading rootkits via /dev/mem
How about talking about why kernel developers obscure vulnerabilities as denial of service issues when they are perfectly exploitable?
If you mean the SCTP one referenced on this page, it looks serious, but it is not "perfectly exploitable" in the real world. You may not (want) to understand this, but in general, people will try to make a realistic assessment of the actual threat -- developers, distributors and also a few serious security researchers.
In any case, security should be discussed and handled by people with at least some grasp of reality. Thinking that anyone can be on the right side of the thin line between right and wrong is part of the problem. It is typical that you don't understand this.
(The patch for the SCTP vulnerability was available last year, by the way. My distribution was updated some weeks ago.)
to post comments)