Responding to the kernel ELF vulnerability

Posted May 20, 2005 22:58 UTC (Fri) by giraffedata (guest, #1954)
Parent article: Responding to the kernel ELF vulnerability

That will cause the strnlen_user() function to page fault at the first attempt to count argument lengths.

So? How does that get you to

could allow a local user to use a manipulated binary to gain elevated privileges.