while this bug is still open, would it make sense to disable the gcc option/optimization/bug/flaw that allows this vulnerability to exist? the "-fno-delete-null-pointer-checks" flag will completely disable this option kernel-wide [1].
obviously there is a tradeoff here. the null pointer optimization does make the kernel run a bit faster (and maybe that should be quantified to determine the impact), but on the other hand it opens up a slew of vulnerabilities. i think erring on the side of caution/security is the way to go. anyway, just a thought. mike [1] http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
