"But, and from a technical standpoint this is where it
gets interesting. The programmer's code that does this looks
innocent. It is only after the gcc compiler takes this into its
hands, while optimizing the code, the compiler will see that the
variable has already been assigned and will actually remove the if
block (the check if tun is NULL) completely from the resulting
compiled code. In other words, the compiler will introduce the
vulnerability to the binary code, which didn't exist in the source
code. This will cause the kernel to try to read/write data from
0x00000000, which the attacker can map to userland - and this
finally pwns the box."
"Scary, isn't it? You see, because it's working at such a low
level, this vulnerability can be used to dodge around SELinux
(Security Enhanced Linux), AppArmor and other Linux security