Dale Amon <[EMAIL PROTECTED]> writes: > I chatted on the phone with Henry Spencer back when the > zilb bug was first announced and he was of the opinion > that in FS it would be almost impossible to exploit. So it's > probably something that should be fixed but is not a high > profile issue. Not my call though: I'm not one of the maintainers, > just a user of the results.
If we are talking about kernel code, a DoS vulnerability is serious enough, and IIRC it has been demonstrated that the double free() does happen in practice, and it might crash the kernel (I don't know if this actually happens, though). -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898
