On Fri, 2009-08-14 at 12:46 +0200, Urs Beyerle wrote: > Urs Beyerle wrote: > > Hi, > > > > I guess SL is affected like most other Linux distributions. > > > > I'm not 100% sure, but setting vm.mmap_min_addr to a value above 0 > > should prevent an exploit. > > > > # sysctl vm.mmap_min_addr=4096 > > > > at least on a SL5 system with mmap_min_addr support. I successfully rooted a 32bit SL5 system with SELinux enabled and vm.mmap_min_addr=64k with the public exploit :-( Working on a patched SL5 kernel. The fix from git is not applicable to the SL4 kernel (which is vulnerable as well). Any ides for a workaround? > Urs -- Stephan Wiesand DESY - DV - Platanenallee 6 15738 Zeuthen, Germany