Have you tried the exploit on CentOS 5? http://grsecurity.net/~spender/wunderbar_emporium.tgz I only have access to a Fedora 9 machine right now and the exploit is working with all the modules from the first mail disabled in modprobe.conf [root at localhost ~]# uname -a Linux localhost.localdomain 2.6.27.25-78.2.56.fc9.i686 #1 SMP Thu Jun 18 12:47:50 EDT 2009 i686 i686 i386 GNU/Linux [root at localhost ~]# cat /proc/sys/vm/mmap_min_addr 65536 Regards, Radu