| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <mpro.kodj0e007vcm800hy.taviso@sdf.lonestar.org> Date: Fri, 14 Aug 2009 17:57:50 +0200 From: Tavis Ormandy <taviso@....lonestar.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: nullpointer fix question maxigas <maxigas@...rgeek.net> wrote: > hi! > > Should this fix work against the nullpointer linux kernel vulnerability? It looks incomplete, I don't see PF_ISDN or PF_IUCV, for example. But this general approach looks fine, and is actually what Red Hat have reccommended to their customers. https://bugzilla.redhat.com/show_bug.cgi?id=516949#c10 Obviously if you don't use redhat, you should check what else your distribution provides. > Should it break any services on a usual LAMP machine? > If you know you don't need PF_INET6, then it should be fine. You would most likely know if you needed the others. Thanks, Tavis. -- ------------------------------------- taviso@....lonestar.org | finger me for my pgp key. ------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists