CVE-2009-3547 (NULL pointer dereference and system crash)

Synopsis: “Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.”

Debian 5.x systems suffer from this vulnerability (with or without Wine installed), and the fix is easy.

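At a root shell, run the following. Raising vm.mmap_min_addr stops unprivileged processes from mapping memory below that address, so a NULL pointer dereference in the kernel cannot land on memory a local user controls: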

sysctl -w vm.mmap_min_addr="1024"
# make it persistent
cat <<EOF > /etc/sysctl.d/mmap_min_addr.conf
# Prevent http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
vm.mmap_min_addr=1024
EOF

Full details at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
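
To confirm that the setting is active and will survive a reboot, the check below (an added example, not part of the original post) compares the running value and the last value assigned in the sysctl configuration files against a minimum. The function names and the --audit switch are assumptions of this example; configuration files are read in the order passed, and the last assignment wins.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr at runtime and in persistent config.
# Function names and the --audit switch are hypothetical, not from the post.

# Print the last vm.mmap_min_addr value assigned in the given files
# (read in the order passed; missing files are skipped). Prints an
# empty line when no file sets the key.
persisted_mmap_min_addr() {
    last=
    for f in "$@"; do
        [ -r "$f" ] || continue
        v=$(sed -n 's|^[[:space:]]*vm[./]mmap_min_addr[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$|\1|p' "$f" | tail -n 1)
        if [ -n "$v" ]; then last=$v; fi
    done
    printf '%s\n' "$last"
}

# check_mmap_min_addr RUNTIME_FILE MIN [CONF_FILE...]
# Returns 0 only if both the running and the persisted value are >= MIN.
check_mmap_min_addr() {
    runtime_file=$1
    min=$2
    shift 2
    rc=0
    runtime=$(cat "$runtime_file" 2>/dev/null || true)
    persisted=$(persisted_mmap_min_addr "$@")
    for pair in "runtime:$runtime" "persisted:$persisted"; do
        name=${pair%%:*}
        value=${pair#*:}
        case $value in
            ''|*[!0-9]*)
                echo "FAIL $name vm.mmap_min_addr is not set"; rc=1 ;;
            *)
                if [ "$value" -lt "$min" ]; then
                    echo "FAIL $name vm.mmap_min_addr=$value (< $min)"; rc=1
                else
                    echo "OK   $name vm.mmap_min_addr=$value"
                fi ;;
        esac
    done
    return $rc
}

# Audit the live system only when asked to: sh script.sh --audit
if [ "${1:-}" = "--audit" ]; then
    check_mmap_min_addr /proc/sys/vm/mmap_min_addr 1024 \
        /etc/sysctl.conf /etc/sysctl.d/*.conf
fi
```

A FAIL on the persisted line with an OK on the runtime line means the value was set with sysctl -w only and will be lost at the next reboot.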
