[Leaplist] major bug found in Linux to give root access to untrusted users...
Steve Litt
slitt at troubleshooters.com
Wed Nov 4 23:46:31 EST 2009
On Wednesday 04 November 2009 19:00:32 Edward Guldemond wrote:
> On Wed, Nov 04, 2009 at 12:26:49PM -0500, Ray Brunkow wrote:
> > is this as bad as it sounds?
>
> Check to see if your vm.mmap_min_addr sysctl is set to a value above
> 0. On my system (Debian), it's as simple as:
>
> $ sudo sysctl -n vm.mmap_min_addr
> 4096
>
> So my system is safe. Check yours. If it's not greater than zero,
> then use sysctl to set it to something greater than zero:
>
> $ sudo sysctl -w vm.mmap_min_addr=4096
>
> And put that in a startup script until your distro fixes it or you're
> using a patched kernel (though 4096 is a safe default setting).
>
> vm.mmap_min_addr, as the name implies, is the minimum memory address
> that a process can mmap(), and it's tunable. What this means is that
> a process will not be allowed to mmap() at 0, thus preventing the NULL
> pointer dereference attack.

Here's mine:

root@mydesk:~# sysctl -n vm.mmap_min_addr
65536
root@mydesk:~#

I assume that means I'm safe from this particular exploit.

SteveT

Steve Litt
Recession Relief Package
http://www.recession-relief.US
Twitter: http://www.twitter.com/stevelitt
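
The check described in the thread, as an added example that is not part of the original messages: it reads the runtime value and also looks for the last value set in sysctl.conf-style files, since a file that sets 0 would undo a manual `sysctl -w` when it is next applied. The function names, the result labels and the default /etc/sysctl.conf path are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr at runtime and in config files.
# Function names, labels and default paths are assumptions, not from the thread.

# Print the runtime value from procfs (decimal); status 2 if unreadable/invalid.
runtime_mmap_min_addr() {
    file="${1:-/proc/sys/vm/mmap_min_addr}"
    [ -r "$file" ] || return 2
    value=$(tr -d '[:space:]' < "$file")
    case "$value" in ''|*[!0-9]*) return 2 ;; esac
    printf '%s\n' "$value"
}

# Print the last value assigned to the key in the given sysctl.conf-style
# files (commented-out lines never match); prints nothing if it is never set.
persisted_mmap_min_addr() {
    [ "$#" -gt 0 ] || set -- /etc/sysctl.conf
    re='s/^[[:space:]]*vm\.mmap_min_addr[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p'
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; fi
    done | sed -n "$re" | tail -n 1
}

# Combine both views into one label:
#   runtime-zero       mmap() at address 0 is currently allowed
#   reverts-on-reboot  runtime is fine, but a config file sets it back to 0
#   runtime-only       runtime is fine, no config file pins the value
#   ok                 runtime and persisted values are both above 0
audit_mmap_min_addr() {
    runtime="$1"; persisted="$2"
    case "$runtime" in ''|*[!0-9]*) echo "unknown"; return 0 ;; esac
    if [ "$runtime" -eq 0 ]; then
        echo "runtime-zero"
    elif [ -z "$persisted" ]; then
        echo "runtime-only"
    elif [ "$persisted" -eq 0 ]; then
        echo "reverts-on-reboot"
    else
        echo "ok"
    fi
}

# Usage on a live system:
#   audit_mmap_min_addr "$(runtime_mmap_min_addr)" "$(persisted_mmap_min_addr)"
```

A result of runtime-zero calls for the `sysctl -w vm.mmap_min_addr=4096` step quoted above; reverts-on-reboot means the config file needs the same correction.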