Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw
On Wed, Nov 4, 2009 at 9:15 AM, Dominic Hargreaves <email@example.com> wrote:
> On Wed, Nov 04, 2009 at 09:05:20AM -0800, john wrote:
>> I see that there is another null pointer dereference flaw being talked about.
>> It looks like we can take step in Debian 5.0 to mitigate this threat by setting
>> echvm.mmap_min_addr = 4096
>> per http://wiki.debian.org/mmap_min_addr
>> I am running some servers running Debian 4.0. I doesn't look like
>> there is a /etc/sysctl.d/mmap_min_addr.conf to edit. Where are these
>> values stored
>> under Debian 4.0.
>> What is the right way to proceed? Should I be looking at upgrading my servers?
> The mmap_min_addr tuneabout was not introduced until after 2.6.18,
> which is the default etch kernel. I am using the 'etchnhalf' kernel
> (linux-image-2.6.24-etchnhalf*) on an etch machine, partly since it
> offers this protection.
sudo apt-get install linux-image-2.6.24-etchnhalf.1-686
be the right approach here?
> Dominic Hargreaves | http://www.larted.org.uk/~dom/
> PGP key 5178E2A5 from the.earth.li (keyserver,web,email)