Fresh kernel flaw comes with public exploit code and continues ugly run of highly reliable privilege escalation bugs tied to memory and page-cache handling

Plus ModuleJail, a radical proposal for minimizing the impact of similar bugs