Linux Kernel Vulnerability

In: Uncategorized

19 Aug 2009

There’s been a lot of buzz around the recently-announced vulnerability in the Linux kernel.

It appears to be less of an issue than some are making it out to be. (Though obviously, any remotely-exploitable privilege escalation bug is serious.) In particular, the Linux systems I run, which haven’t had anything out of the ordinary done to secure them, are all immune. CentOS 5, and presumably, RHEL, are not typically vulnerable, assuming that vm.mmap_min_addr is set greater than 0, which is the default. (The initial announcement, though, suggests that SELinux may override this functionality, creating an ironic situation in which people not running SELinux, like my lazy self, may be better off.)

It was patched six days ago, but this doesn’t mean that a patched kernel or CentOS update has become available.

Check your systems, to be sure. But don’t assume that all Linux machines are inherently vulnerable. It appears that it can really only be exploited with shell access, and none of the systems I’ve tested are vulnerable even with that.

Related posts:

  1. Uncloaking Treason
  2. Apache, squid, etc. “vulnerability”
  3. The Magic SysRq Key
  4. The State of Linux
  5. I/O Under Linux

Comment Form

On Other Sites

Categories

Archives

  • Matt: Hey Victor, A couple good resources for you... http://www.scanboston.com/boston.htm is really det [...]
  • victor: Hi i just got a uniden bearcay scanner and have no local or regional frequency directory.just 1 460 [...]
  • Matt: I do use them periodically. I bought a few i760's, for perhaps $10 apiece in a lot, on eBay a while [...]
  • Marin: Did you eventually end up going with an iDEN phones using Direct Talk? I had some i560's a few year [...]
  • Dan: fyi, EOD = explosive ordnance disposal [...]

Copyright © 2007-2012 - Matt's Blog is proudly powered by WordPress | Log in

Compositio Theme is created by: Design Disease brought to you by PremiumThemes.com