Linux vendor Red Hat has posted an immediate mitigation for users on its bugzilla entry page for the flaw. I personally (as of the time of this blog posting) have not seen an actual Red Hat (or other Linux vendor) Linux update including Torvalds patched kernel (yet).

"It is possible to mitigate this flaw by blacklisting the affected protocols," Eugene Teo commented on Red Hat's bugzilla entry. "Note that this is not an exhaustive list of modules to blacklist, but this should prevent the publicly circulated exploit from working properly as this is the list of protocols (relevant to RHEL) known to be affected."

The actual vulnerability is that the a NULL pointer exists where one shouldn't.

"This issue is easily exploitable for local privilege escalation," Tinnes wrote in his advisory. "In order to exploit this, an attacker would create a mapping at address zero containing code to be executed with privileges of the kernel, and then trigger a vulnerable operation."

In terms of actually trying to exploit a kernel, Tinnes stated that the vulnerability is trivial to exploit and that all an attacker can just put code in the first page that will get executed with kernel privileges.

So potentially if a piece of code/application were infected with this trivial exploit it could lead to a condition where an attacker could potentially gain root control over a Linux system. I have not yet seen a fully weaponized version of this exploit, but if I easily imagine how one could be built into a bogus app or download.

It never ceases to amaze me how something can sit dormant in a piece of code for years, un-noticed and then suddenly become a big issue.

I think that Linux kernel devs need to come up with a new protocol for identifying NULL pointer issues that could lead to security exploits. This issue should have been caught sooner.