[CentOS] Kernel NULL pointer vulnerability

Fri Aug 14 13:52:13 UTC 2009
Marcus Moeller <mail at marcus-moeller.de>

Hi again,

>> The only workaroud that is known to me atm is to disable the affected
>> kernel modules (which should be handled with care as some of them may
>> provide necessary functionality in your operating environment):
>
> If vm.mmap_min_addr is > 0 you are also not affected, at least not by that
> exploit.
>
> http://www.h-online.com/security/Critical-vulnerability-in-the-Linux-
> kernel-affects-all-versions-since-2001--/news/114004
>
> CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable.

Please note that there is a problem with the SELinux policy shipped in
RHEL5, which by default will let anyone mmap at NULL!

Best Regards
Marcus