Full Disclosure mailing list archives
Re: nullpointer fix question
From: Tavis Ormandy <taviso () sdf lonestar org>
Date: Fri, 14 Aug 2009 17:57:50 +0200
maxigas <maxigas () anargeek net> wrote:
hi! Should this fix work against the nullpointer linux kernel vulnerability?
It looks incomplete, I don't see PF_ISDN or PF_IUCV, for example. But this general approach looks fine, and is actually what Red Hat have reccommended to their customers. https://bugzilla.redhat.com/show_bug.cgi?id=516949#c10 Obviously if you don't use redhat, you should check what else your distribution provides.
Should it break any services on a usual LAMP machine?
If you know you don't need PF_INET6, then it should be fine. You would most likely know if you needed the others. Thanks, Tavis. -- ------------------------------------- taviso () sdf lonestar org | finger me for my pgp key. ------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- nullpointer fix question maxigas (Aug 14)
- Re: nullpointer fix question Tavis Ormandy (Aug 14)