BAM! Linux Kernel 0day Released by Spender

Spender (Brad Spengler) released a 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun today at The most amusing thing to us at SOLDIERX was all of the internal vendorsec emails that appear in the comments. Particularly Linus Torvalds saying that it doesn't look like a kernel problem to him. The exploit is very interesting because when it's viewed at the source level it is unexploitable. It actually doesn't become exploitable until gcc performs optimizations during compilation. At the time of this posting, this exploit is still unpatched. Sounds like a fun day for security professionals. Boom goes the dynamite!