>> we can confuse the initrd into executing a malicious init executable.

This hash the next link method is always as flawed as the weakest link..