flawed sample exploit
Autor: maciej2maciek 27.06.14 - 15:33
> Außerdem lieferte er noch einen Beispiel-Exploit für den LZ4-Code im Linux-Kernel.
The example is flawed, because it supposes any program can access Linux Kernel functions. That's wrong : Only kernel code can access the specific LZ4 implementation within Linux Kernel.
And none of them is currently using LZ4 in combination with block sizes of 16 MB.
That could be the case in the future, but that's not happening today.
Conclusion is : the problem must be fixed, in order to avoid any problem in the future, but *today*, there is no risk yet.