OpenVZ Forum: Support » sock_sendpage() kernel vulnerability

Home » General » Support » sock_sendpage() kernel vulnerability

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: sock_sendpage() kernel vulnerability [message #37296 is a reply to message #37291]

Tue, 01 September 2009 19:08

Valmont
Messages: 225
Registered: September 2005

Senior Member

Well, according opennet.ru we have also this sploit:

http://www.risesecurity.org/entry/illustrating-linux-sock_se ndpage-null-pointer/

and this:

http://grsecurity.net/~spender/wunderbar_emporium.tgz

Due lack of phys. access to my servers I can't check it now, but
changelog http://wiki.openvz.org/Download/kernel/rhel5/028stab064.4
don't have any notes about fixing CVE-2009-2692

Make it for hotfix:

Red Hat Enterprise Linux 4 and 5

Add the following entries to the end of the /etc/modprobe.conf file:


install pppox /bin/true
install bluetooth /bin/true
install sctp /bin/true


The sctp module cannot be unloaded from a running kernel if the module is already loaded; therefore, the above changes for /etc/modprobe.conf on Red Hat Enterprise Linux 4 and 5 require a reboot to take effect.

Report message to a moderator

[Message index]

		sock_sendpage() kernel vulnerability By: lukaschemp on Tue, 01 September 2009 07:21
		Re: sock_sendpage() kernel vulnerability By: Valmont on Tue, 01 September 2009 19:08
		Re: sock_sendpage() kernel vulnerability By: Valmont on Tue, 01 September 2009 19:11
		Re: sock_sendpage() kernel vulnerability By: Valmont on Tue, 01 September 2009 19:28
		Re: sock_sendpage() kernel vulnerability By: lukaschemp on Tue, 01 September 2009 19:31
		Re: sock_sendpage() kernel vulnerability By: Valmont on Tue, 01 September 2009 19:45

Previous Topic:	Bug (?): vzcfgvalidate not working
Next Topic:	Allocate more RAM to a VPS

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sat Oct 18 13:16:57 GMT 2025

Total time taken to generate the page: 0.35525 seconds