[kernel-sec-discuss] r1563 - active
dann frazier
dannf at debian.org
Tue Nov 3 22:33:58 UTC 2009
On Tue, Nov 03, 2009 at 09:50:57PM +0000, Michael Gilbert wrote:
> Author: gilbert-guest
> Date: 2009-11-03 21:50:57 +0000 (Tue, 03 Nov 2009)
> New Revision: 1563
>
> Modified:
> active/CVE-2009-3547
> Log:
> info
>
> Modified: active/CVE-2009-3547
> ===================================================================
> --- active/CVE-2009-3547 2009-11-03 17:06:50 UTC (rev 1562)
> +++ active/CVE-2009-3547 2009-11-03 21:50:57 UTC (rev 1563)
> @@ -12,6 +12,7 @@
> Brad Spengler *claims* to have already developed a working exploit. Since
> his previous work has been effective, it is probably true. Hence, this
> should be treated with high urgency.
> + - May be not be exploitable on debian due to mmap_min_addr
> protections?
Well, yes and no. mmap_min_addr won't stop the oops, but helps avoid a
priv escalation. mmap_min_addr defaults to 0 in lenny, but the last
DSA recommended users increase that value, and the kernel targeted at
5.0.4 has increased the default.
For sid/testing, this should only be a local DoS (oops).
> Bugs:
> upstream: pending [ad3960243e55320d74195fb85c975e0a8cc4466c]
> linux-2.6: needed
>
>
> _______________________________________________
> kernel-sec-discuss mailing list
> kernel-sec-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/kernel-sec-discuss
>
--
dann frazier
More information about the kernel-sec-discuss
mailing list