Why hasn't there been a kernel update following latest disclosure?

john lists.john at gmail.com
Tue Aug 18 23:07:36 UTC 2009


On Tue, Aug 18, 2009 at 11:28 AM, Robert Citek <rwcitek at alum.calberkeley.org> wrote:
> From reading the description of the vulnerability:
>
> http://www.h-online.com/security/Critical-vulnerability-in-the-Linux-kernel-affects-all-versions-since-2001--/news/114004
>
> it seems as though there might be a simple workaround:
>
> "Ormandy and Tiennes say, however, that the exploit will not work on
> current kernels with mmap_min_addr support if a number greater than
> zero is defined by means of sysctl as the value for vm.mmap_min_addr."
>
> On my 8.04.3 LTS system:
>
> $ grep mmap_min_addr /etc/sysctl.conf
> vm.mmap_min_addr = 65536
>
> $ sysctl vm.mmap_min_addr
> vm.mmap_min_addr = 65536
>
> I'm not sure if changing the vm.mmap_min_addr is good enough until the
> kernel patch makes its way down the pipe.
>
> Regards,
> - Robert

Interesting. Thanks Robert. I am running several servers with 8.04 on
them and my /etc/sysctl.conf file reads the same as yours. I assume
that 8.10 is similarly configured, but the article says 8.10 is
vulnerable. So I am going to assume 8.04 is as well. I'll keep looking
into it.

I appreciate your response!

John
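
The check discussed in this thread, as an added example that is not part of the original messages: it compares the value persisted in a sysctl.conf-style file with the value the running kernel reports, since the quoted condition is about the value actually in effect being greater than zero. The function names and status strings are hypothetical; the file paths are passed as parameters.

```shell
#!/bin/sh
# Added example (not from the thread): configured vs. live vm.mmap_min_addr.
# Usage: mmap_min_addr_status /etc/sysctl.conf

# Print the effective value from a sysctl.conf-style file. The last
# uncommented assignment wins; prints nothing if the key is absent.
conf_mmap_min_addr() {
    awk -F= '
        /^[ \t]*[#;]/ { next }              # skip comment lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key)          # tolerate "key = value" spacing
            gsub(/[ \t]/, "", val)
            if (key == "vm.mmap_min_addr") last = val
        }
        END { if (last != "") print last }
    ' "$1"
}

# Classify the setting. $1 = conf file, $2 = file holding the live value
# (defaults to the kernel's /proc/sys/vm/mmap_min_addr).
# Prints one status word; returns 0 if the live value is > 0,
# 1 if it is zero, 2 if it cannot be read.
mmap_min_addr_status() {
    conf_file=$1
    live_file=${2:-/proc/sys/vm/mmap_min_addr}

    live=$(cat "$live_file" 2>/dev/null) || { echo "unknown"; return 2; }
    case $live in
        ''|*[!0-9]*) echo "unknown"; return 2 ;;   # not a plain number
    esac
    conf=$(conf_mmap_min_addr "$conf_file" 2>/dev/null) || conf=

    if [ "$live" -eq 0 ]; then
        echo "live-zero"                # quoted workaround is not in effect
        return 1
    fi
    if [ -z "$conf" ]; then
        echo "live-ok-not-persisted"    # nothing in the conf file sets it
    elif [ "$conf" != "$live" ]; then
        echo "live-ok-conf-differs"     # something changed it after boot
    else
        echo "ok"
    fi
    return 0
}
```

A result other than `ok` on a host whose conf file matches the one quoted above means the running value was changed after the file was applied, or the file was never loaded.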




More information about the edubuntu-devel mailing list