Not to defend Microsoft, as kernel exploits that provide privileged access are terrible flaws, but we had an interesting discussion in the talkbacks where several people acted as if Microsoft were the only vendor that could have made such mistakes. Well, the proof is in the pudding: this is a common class of flaw across operating systems, and one that is difficult to catch because of the complexity of kernel code.
Dann Frazier of Debian posted to Full Disclosure today about four vulnerabilities that allow local attacks against the kernel, resulting in arbitrary code execution or Denial of Service conditions. "Local" means you can't trigger it over the Internet unless you've already compromised a user account on the box in some way remotely; the same applied to the Windows flaw I spoke of, where there were questions about what exactly local meant. It does not mean you have to be sitting at the box physically. The contents of his email are posted below:
CVE Id(s): CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS).
Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code.
David Peer discovered that users could escape administrator-imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0.
Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges.
For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-18etch3.
The unstable (sid) and testing distributions will be fixed soon.
We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages.
Some of these look to be pretty serious bugs. The two newest do not have SecurityFocus entries yet, but as far as I'm aware there currently exists no public exploit code for this, which is a good thing. It's also important to note, though it should be obvious, that this doesn't just affect Debian; it's simply that the advisory came from Debian's folks today. So make sure you're fixing your system up, whatever *Nix flavor you like.