[CentOS] Kernel NULL pointer vulnerability
mail at marcus-moeller.de
Fri Aug 14 13:52:13 UTC 2009
>> The only workaroud that is known to me atm is to disable the affected
>> kernel modules (which should be handled with care as some of them may
>> provide necessary functionality in your operating environment):
> If vm.mmap_min_addr is > 0 you are also not affected, at least not by that
> CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable.
Please note that there is a problem with the SELinux policy shipped in
RHEL5, which by default will let anyone mmap at NULL!
More information about the CentOS