[CentOS] Kernel NULL pointer vulnerability
cap at nsc.liu.se
Fri Aug 14 14:18:18 UTC 2009
On Friday 14 August 2009, Kai Schaetzl wrote:
> Marcus Moeller wrote on Fri, 14 Aug 2009 14:24:39 +0200:
> > The only workaroud that is known to me atm is to disable the affected
> > kernel modules (which should be handled with care as some of them may
> > provide necessary functionality in your operating environment):
> If vm.mmap_min_addr is > 0 you are also not affected, at least not by that
...Unless you have selinux enabled in any way (including permissive) since in
this case selinux overrides the kernel setting and makes vm.mmap_min_addr==0.
> CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: This is a digitally signed message part.
More information about the CentOS