Re: Potential security leak in Linux kernel + fix



"David W. Hodgins" <dwhodgins@xxxxxxxxxxxxxxxxx> writes:

On Tue, 10 Nov 2009 06:06:32 -0500, Grant <g_r_a_n_t_@xxxxxxxxxxxxxxxxx> wrote:

On Tue, 10 Nov 2009 08:14:27 +0100, Aragorn <aragorn@xxxxxxxxxxxxxxxxxxx> wrote:

With thanks to Bit Twister, who brought this to our attention in
alt.os.linux.mandriva. Details in the article at the URL below.

http://www.itworld.com/security/83917/an-important-linux-fix

Was fixed long time ago, old news...

You're thinking of another bug, as I was, when I first read this.
See http://www.us-cert.gov/cas/bulletins/SB09-313.html
released 2009-11-04, it affects all kernels prior to 2.6.32-rc6.

Most distributions are not affected, as they set
/proc/sys/vm/mmap_min_addr to a value other then zero, but
currently up-to-date redhat and suse systems are affected.

So are mandriva systems.


Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
.



Relevant Pages