It's a blog.
In: Uncategorized19 Aug 2009
There’s been a lot of buzz around the recently-announced vulnerability in the Linux kernel.
It appears to be less of an issue than some are making it out to be. (Though obviously, any remotely-exploitable privilege escalation bug is serious.) In particular, the Linux systems I run, which haven’t had anything out of the ordinary done to secure them, are all immune. CentOS 5, and presumably, RHEL, are not typically vulnerable, assuming that vm.mmap_min_addr is set greater than 0, which is the default. (The initial announcement, though, suggests that SELinux may override this functionality, creating an ironic situation in which people not running SELinux, like my lazy self, may be better off.)
It was patched six days ago, but this doesn’t mean that a patched kernel or CentOS update has become available.
Check your systems, to be sure. But don’t assume that all Linux machines are inherently vulnerable. It appears that it can really only be exploited with shell access, and none of the systems I’ve tested are vulnerable even with that.