Re: Potential security leak in Linux kernel + fix
- From: Grant <g_r_a_n_t_@xxxxxxxxxxxxxxxxx>
- Date: Wed, 11 Nov 2009 12:22:33 +1100
On Tue, 10 Nov 2009 14:46:30 -0500, "David W. Hodgins" <dwhodgins@xxxxxxxxxxxxxxxxx> wrote:
On Tue, 10 Nov 2009 06:06:32 -0500, Grant <g_r_a_n_t_@xxxxxxxxxxxxxxxxx> wrote:
On Tue, 10 Nov 2009 08:14:27 +0100, Aragorn <aragorn@xxxxxxxxxxxxxxxxxxx> wrote:
With thanks to Bit Twister, who brought this to our attention in
alt.os.linux.mandriva. Details in the article at the URL below.
Was fixed long time ago, old news...
You're thinking of another bug, as I was, when I first read this.
released 2009-11-04, it affects all kernels prior to 2.6.32-rc6.
Maybe so, skimming thru several hundred lkml posts/day (usually
only viewing subject line) means I only have the vaguest idea of
what's going on in there ;)
I do update to -stable version as they come out.
Most distributions are not affected, as they set
/proc/sys/vm/mmap_min_addr to a value other then zero, but
currently up-to-date redhat and suse systems are affected.
Well, my old slackware-11 is not affected.