As far as that particular bug is concerned: Give me a shell, and I'll have your machine die in two minutes via resource starvation or bad tricks to some other direction. A bug that freezes your machine may be ugly, and a DoS is security-critical, yes. But there is no better security tool than userdel if you have users on your system that mess with the stability of it. If that bug could be triggered remotely, you could bet that we'd be loud about it.
I'm not exactly a kernel programmer, but if the vulnerability exists and is easy to exploit and most systems are unpatched (after all, you need access to exploit it) then the next worm like Mighty, that installs a source, compiles it and runs with user wwwrun, named, nobody, in a chroot jail or whatever could exploit it and be really harmful. And upgrading a kernel is something that must be handled with more care than upgrading servers or libs... so it is better to fix the kernel when it is not urged by a remote exploit.
Not really... The worm can't propagate any more if the machine has halted.
If that worm takes advantage of a root exploit in the kernel, it is
somewhat different. But, on the other hand, why would an attacker (a worm)
want to attack root on a system where it is possible to propagate already
(the worm broke into the system already...)?
This means that the argumentation is not fully conclusive in terms of the
impact that such a DoS bug has. It resembles that story with the man going
to the physician, telling him "doc, if I touch this, it hurts!". The doc
answers "so don't touch this then!".
Greetings,
Roman.
--
- -
| Roman Drahtmüller