On Fri, 2009-08-14 at 12:46 +0200, Urs Beyerle wrote:
> Urs Beyerle wrote:
> > Hi,
> >
> > I guess SL is affected like most other Linux distributions.
> >
> > I'm not 100% sure, but setting vm.mmap_min_addr to a value above 0
> > should prevent an exploit.
> >
> > # sysctl vm.mmap_min_addr=4096
> >
>
> at least on a SL5 system with mmap_min_addr support.
I successfully rooted a 32bit SL5 system with SELinux enabled and
vm.mmap_min_addr=64k with the public exploit :-(
Working on a patched SL5 kernel.
The fix from git is not applicable to the SL4 kernel (which is
vulnerable as well).
Any ides for a workaround?
> Urs
--
Stephan Wiesand
DESY - DV -
Platanenallee 6
15738 Zeuthen, Germany