On Fri, Aug 14, 2009 at 02:43:12PM +0100, Bob Vickers wrote:
I've just seen some reports about a new kernel bug (Linux NULL pointer dereference due to incorrect proto_ops initializations http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html ).
Obviously the SuSE security guys will be looking at this, but I was looking to see if there was anything I could do to protect my systems before a new kernel comes out.
The only exploit I have seen does not work on SuSE 11.1 because /usr/bin/pulseaudio is not setuid, so that is good news.
Unfortunately the exploits works, since we still have vm.mmap_min_addr = 0.
There are suggestions that running sysctl -w vm.mmap_min_addr=65536 gives protection, but there also suggestions that this protection is flawed. Also I think it breaks 16-bit applications under wine but I can live with that.
The currently released 11.1 kernel has bugs where this can be worked around :/
Does anyone have any comments?
The openSUSE kernels 10.3-11.1 to fix this issue will hit the -test repos later today I hope. The SLES kernels will also be checked in today and enter QA on Monday. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org