[CentOS] Kernel NULL pointer vulnerability

Fri Aug 14 14:18:18 UTC 2009
Peter Kjellstrom <cap at nsc.liu.se>

On Friday 14 August 2009, Kai Schaetzl wrote:
> Marcus Moeller wrote on Fri, 14 Aug 2009 14:24:39 +0200:
> > The only workaroud that is known to me atm is to disable the affected
> > kernel modules (which should be handled with care as some of them may
> > provide necessary functionality in your operating environment):
>
> If vm.mmap_min_addr is > 0 you are also not affected, at least not by that
> exploit.

...Unless you have selinux enabled in any way (including permissive) since in 
this case selinux overrides the kernel setting and makes vm.mmap_min_addr==0.

/Peter

> http://www.h-online.com/security/Critical-vulnerability-in-the-Linux-
> kernel-affects-all-versions-since-2001--/news/114004
>
> CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable.
>
> Kai
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20090814/3e4d11a4/attachment-0005.sig>