Root exploit for Linux Kernel in the Tun Interface
Brad Spengler, the developer behind the Grsecurity project, has published an exploit for a vulnerability in the Tun interface in Linux kernel 2.6.30 and 2.6.18, which can be exploited by attackers to obtain root privileges.
The fix is available for kernel 22.214.171.124, see the patch here.
Now the real question is: is it a GCC issue (the fno-delete-null-pointer-checks optimization) or a programming error? I vote for the second 🙂