Mailinglist Archive: opensuse-security (12 mails)

< Previous Next >
Re: [opensuse-security] Linux NULL pointer dereference
  • From: Marcus Meissner <meissner@xxxxxxx>
  • Date: Fri, 14 Aug 2009 16:10:16 +0200
  • Message-id: <20090814141016.GA6627@xxxxxxx>
On Fri, Aug 14, 2009 at 02:43:12PM +0100, Bob Vickers wrote:
I've just seen some reports about a new kernel bug (Linux NULL pointer
dereference due to incorrect proto_ops initializations
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
).

Obviously the SuSE security guys will be looking at this, but I was
looking to see if there was anything I could do to protect my systems
before a new kernel comes out.

The only exploit I have seen does not work on SuSE 11.1 because
/usr/bin/pulseaudio is not setuid, so that is good news.

Unfortunately the exploits works, since we still have vm.mmap_min_addr = 0.

There are suggestions that running
sysctl -w vm.mmap_min_addr=65536
gives protection, but there also suggestions that this protection is
flawed. Also I think it breaks 16-bit applications under wine but I can
live with that.

The currently released 11.1 kernel has bugs where this can be worked around :/

Does anyone have any comments?

The openSUSE kernels 10.3-11.1 to fix this issue will hit the -test repos
later today I hope.
The SLES kernels will also be checked in today and enter QA on Monday.

Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
References