Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw

To: john <lists.john@gmail.com>
Cc: debian-security@lists.debian.org
Subject: Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
From: Dominic Hargreaves <dom@earth.li>
Date: Wed, 4 Nov 2009 17:15:35 +0000
Message-id: <20091104171535.GY4191@urchin.earth.li>
In-reply-to: <2be970b50911040905m299e6dceq2f7fad8809811f5e@mail.gmail.com>
References: <2be970b50911040905m299e6dceq2f7fad8809811f5e@mail.gmail.com>

On Wed, Nov 04, 2009 at 09:05:20AM -0800, john wrote:
> I see that there is another null pointer dereference flaw being talked about.
> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
> 
> It looks like we can take step in Debian 5.0 to mitigate this threat by setting
> echvm.mmap_min_addr = 4096
> 
> per http://wiki.debian.org/mmap_min_addr
> 
> I am running some servers running Debian 4.0. I doesn't look like
> there is a /etc/sysctl.d/mmap_min_addr.conf to edit. Where are these
> values stored
> under Debian 4.0.
> 
> What is the right way to proceed? Should I be looking at upgrading my servers?

The mmap_min_addr tuneabout was not introduced until after 2.6.18,
which is the default etch kernel. I am using the 'etchnhalf' kernel
(linux-image-2.6.24-etchnhalf*) on an etch machine, partly since it
offers this protection.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Reply to:

Follow-Ups:
- Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
  - From: john <lists.john@gmail.com>

References:
- Debian 4.0 and mmap_min_addr null pointer dereference flaw
  - From: john <lists.john@gmail.com>

Prev by Date: Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
Next by Date: Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
Previous by thread: Debian 4.0 and mmap_min_addr null pointer dereference flaw
Next by thread: Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
Index(es):
- Date
- Thread