On Friday 14 August 2009, Kai Schaetzl wrote: > Marcus Moeller wrote on Fri, 14 Aug 2009 14:24:39 +0200: > > The only workaroud that is known to me atm is to disable the affected > > kernel modules (which should be handled with care as some of them may > > provide necessary functionality in your operating environment): > > If vm.mmap_min_addr is > 0 you are also not affected, at least not by that > exploit. ...Unless you have selinux enabled in any way (including permissive) since in this case selinux overrides the kernel setting and makes vm.mmap_min_addr==0. /Peter > http://www.h-online.com/security/Critical-vulnerability-in-the-Linux- > kernel-affects-all-versions-since-2001--/news/114004 > > CentOS 5 has it sent to 65536 by default. CentoS 4 should be vulnerable. > > Kai -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20090814/3e4d11a4/attachment-0005.sig>