[rsbac] Fwd: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

Amon Ott ao at rsbac.org
Tue Dec 2 14:25:47 CET 2003

On Dienstag, 2. Dezember 2003 14:15, Amon Ott wrote:
> Just found a workaround for the 2.4 sys_brk bug. It seems sufficient to 
> the address space to max. 2GB, e.g. using RSBAC RES module:
> As secoff etc:
> - start rsbac_user_menu
> - Choose RES default user
> - Select RES max resources
> - Set AS resource e.g. to 2000000000 (2 with 9 zeroes = 2GB)
> Best solution is of course the patch.

This workaround is also not sufficient, although it helps against some 
attacks. Please read http://isec.pl/vulnerabilities/isec-0012-do_brk.txt

It is strongly recommended to patch or to update! Please realize that this bug 
is not a root, but a kernel exploit, so there is no protection!

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list