[olssy]

From what I can tell one of the exploits allows for code execution with root privileges, another for accessing kernel-space memory and the third will crash the machine. Are any of these things not already doable when someone has physical access to the machine?

[cheald]

They aren't remote code execution exploits as best as I can tell. But, it's a short leap from an exploitable root escalation to total compromise of a machine. Until these are patched, any executable you download and run could potentially be a dropper for much nastier stuff. You could combine one of these with the recently-disclosed Flash exploits, for example, and you have a drive-by root exploit ready for deployment via ad networks to millions of people.

[tptacek]

They're not doable from random programs downloaded from the Internet, except via these flaws.