"What he found was that in some network code, there was
a procedure that included a variable that could be set to NULL (no
value at all). Now, this didn't appear to be a problem because the
programmer also included a test which would return an error-message
if the variable turned out to have a NULL value.
"So far, so good. Unfortunately, the gcc code optimizer on
finding that a variable has been assigned a NULL value removed the
test! This left a hole, that didn't exist in the original program.
Using this hole, and code provided by Spengler, any cracker with
sufficient access to a Linux computer could get into the computer's
memory and, from there, get into all kinds of mischief."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.