
Thread: Has openSUSE patched this? How protect against this?

  1. #1

    Has openSUSE patched this? How protect against this?

    Bug in latest Linux gives untrusted users root access • The Register

    "The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution... doesn't properly implement that protection... The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap_min_addr feature. ... [Spengler] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [mmap_min_addr] to run certain types of applications."

  2. #2

    Re: Has openSUSE patched this? How protect against this?

    * 6tr6tr wrote, On 11/04/2009 06:46 PM:
    >
    > 'Bug in latest Linux gives untrusted users root access • The Register'
    > (http://www.theregister.co.uk/2009/11...vulnerability/)
    >



    There is most definitely a patched kernel being prepared for the openSUSE versions still supported. Keep an eye on your updater applet.
    Don't panic, it's a local problem.

    Uwe

  3. #3

    Re: Has openSUSE patched this? How protect against this?

    Code:
    cat /proc/sys/vm/mmap_min_addr
    65536
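
The check in the post above, extended to cover persistent sysctl files as well as the runtime value. This is an added example, not part of the original thread; the function names and the file paths in the usage comment are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr at runtime and in persistent sysctl files.

# classify_min_addr VALUE: prints a verdict; returns 0 only when the floor is nonzero.
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo "invalid"; return 2 ;;
    esac
    if [ "$1" -eq 0 ]; then
        echo "disabled"; return 1   # 0 lets unprivileged code map page zero
    fi
    echo "enabled"
}

# persistent_values FILE: prints each value FILE assigns to vm.mmap_min_addr.
# Commented-out lines do not match because the key must start the line.
persistent_values() {
    sed -n 's/^[[:space:]]*vm[./]mmap_min_addr[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1"
}

# audit_mmap_min_addr PROC_FILE [SYSCTL_FILE...]: returns 1 if any source is 0
# or the runtime value cannot be read.
audit_mmap_min_addr() {
    proc_file=$1; [ $# -gt 0 ] && shift
    rc=0
    runtime=$(cat "$proc_file" 2>/dev/null) || runtime=''
    verdict=$(classify_min_addr "$runtime") || rc=1
    echo "runtime: $proc_file = ${runtime:-unreadable} ($verdict)"
    for f in "$@"; do
        [ -r "$f" ] || continue
        for v in $(persistent_values "$f"); do
            verdict=$(classify_min_addr "$v") || rc=1
            echo "persistent: $f sets vm.mmap_min_addr = $v ($verdict)"
        done
    done
    return $rc
}

# Runs only when paths are given, for example:
#   sh audit.sh /proc/sys/vm/mmap_min_addr /etc/sysctl.conf /etc/sysctl.d/*.conf
[ $# -eq 0 ] || audit_mmap_min_addr "$@"
```

According to the article quoted in this thread, RHEL was exploitable at the time even when the setting showed as enabled, so an "enabled" verdict does not replace installing the patched kernel.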

  4. #4

    Re: Has openSUSE patched this? How protect against this?

    Looks like we're safe for the most part.

    The latest bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap_min_addr feature. But to make RHEL compatible with a larger body of applications, that distribution is vulnerable to attack even when the OS shows the feature is enabled, Spengler said.
    "They're putting their users at risk," he said. "They're basically the only distribution that's still vulnerable to this class of attack."
    A Red Hat spokeswoman said patches for the versions 4 and 5 of RHEL and MRG are available here. An update for RHEL 3 is in testing and should be released soon.
    He said many other Linux users are also vulnerable because they run older versions or are forced to turn off the feature to run certain types of applications.

  5. #5

    Re: Has openSUSE patched this? How protect against this?

    Originally posted by buckesfeld:
    > * 6tr6tr wrote, On 11/04/2009 06:46 PM:
    > >
    > > 'Bug in latest Linux gives untrusted users root access • The Register'
    > > (Bug in latest Linux gives untrusted users root access • The Register)
    > >
    >
    > There is most definitely a patched kernel being prepared for the openSUSE versions still supported. Keep an eye on your updater applet.
    > Don't panic, it's a local problem.
    >
    > Uwe

    What do you mean by "it's a local problem"?

  6. #6

    Re: Has openSUSE patched this? How protect against this?

    * 6tr6tr wrote, On 11/05/2009 02:26 AM:
    > What do you mean by "it's a local problem"?


    The issue allows local users to gain root rights, AFAIK. Not more. Let's say you have a desktop install with only one user and no ssh or telnet running, you are pretty safe.

    Uwe
