On Tue, Aug 18, 2009 at 11:28 AM, Robert Citek<[email protected]> wrote: > From reading the description of the vulnerability: > > http://www.h-online.com/security/Critical-vulnerability-in-the-Linux-kernel-affects-all-versions-since-2001--/news/114004 > > it seems as though there might be a simple workaround: > > "Ormandy and Tiennes say, however, that the exploit will not work on > current kernels with mmap_min_addr support if a number greater than > zero is defined by means of sysctl as the value for vm.mmap_min_addr." > > On my 8.04.3 LTS sytem: > > $ grep mmap_min_addr /etc/sysctl.conf > vm.mmap_min_addr = 65536 > > $ sysctl vm.mmap_min_addr > vm.mmap_min_addr = 65536 > > I'm not sure if changing the vm.mmap_min_addr is good enough until the > kernel patch makes its way down the pipe. > > Regards, > - Robert
Interesting. Thanks Robert. I am running several servers with 8.04 on them and my /etc/sysctl.conf file reads the same as yours. I assume that 8.10 is similarly configured, but the article says 8.10 is vulnerable. So I am going to assume 8.04 is as well. I'll keep looking into it. I appreciate your response! John -- edubuntu-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
