[CentOS] Kernel NULL pointer vulnerability

Fri Aug 14 12:24:39 UTC 2009
Marcus Moeller <mail at marcus-moeller.de>

Hi all.

Julien Tinnes and Tavis Ormandy from the Google Security Team have
recently found a Linux kernel vulnerability which affects all 2.4 and
2.6 kernels since 2001 on all architectures. Please read the
announcement on LWM: http://lwn.net/Articles/347006/ for further
information about the vulnerability and the exploit which has been
provided by Brad Spengler (you will find updates on his twitter site).

The only workaroud that is known to me atm is to disable the affected
kernel modules (which should be handled with care as some of them may
provide necessary functionality in your operating environment):

echo "alias net-pf-3 off # Amateur Radio AX.25
alias net-pf-4 ipx # IPX
alias net-pf-5 off # DDP / AppleTalk
alias net-pf-9 off # X.25
# alias net-pf-10 off # IPv6
alias net-pf-23 off  # IrDA
alias net-pf-24 # PPPoE
alias net-pf-31 off # Bluetooth" >> /etc/modprobe.conf

Best Regards
Marcus