[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian 4.0 and mmap_min_addr null pointer dereference flaw

On Wed, Nov 4, 2009 at 9:15 AM, Dominic Hargreaves <dom@earth.li> wrote:
> On Wed, Nov 04, 2009 at 09:05:20AM -0800, john wrote:
>> I see that there is another null pointer dereference flaw being talked about.
>> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
>> It looks like we can take step in Debian 5.0 to mitigate this threat by setting
>> echvm.mmap_min_addr = 4096
>> per http://wiki.debian.org/mmap_min_addr
>> I am running some servers running Debian 4.0. I doesn't look like
>> there is a /etc/sysctl.d/mmap_min_addr.conf to edit. Where are these
>> values stored
>> under Debian 4.0.
>> What is the right way to proceed? Should I be looking at upgrading my servers?
> The mmap_min_addr tuneabout was not introduced until after 2.6.18,
> which is the default etch kernel. I am using the 'etchnhalf' kernel
> (linux-image-2.6.24-etchnhalf*) on an etch machine, partly since it
> offers this protection.
Thanks Dominic,

So would

sudo apt-get install linux-image-2.6.24-etchnhalf.1-686

be the right approach here?

> --
> Dominic Hargreaves | http://www.larted.org.uk/~dom/
> PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Reply to: