[CentOS] Kernel NULL pointer vulnerability

Fri Aug 14 13:31:27 UTC 2009
Kai Schaetzl <maillists at conactive.com>

Marcus Moeller wrote on Fri, 14 Aug 2009 14:24:39 +0200:

> The only workaroud that is known to me atm is to disable the affected
> kernel modules (which should be handled with care as some of them may
> provide necessary functionality in your operating environment):

If vm.mmap_min_addr is > 0 you are also not affected, at least not by that 
exploit.

http://www.h-online.com/security/Critical-vulnerability-in-the-Linux-
kernel-affects-all-versions-since-2001--/news/114004

CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com