If you installed Wine or Dosemu you're at risk

Chat about Linux in general
User avatar
Acid_1
Level 5
Level 5
Posts: 797
Joined: Thu Nov 01, 2007 11:12 pm
Location: Saskatchewan, Canada
Contact:

If you installed Wine or Dosemu you're at risk

Postby Acid_1 » Thu Aug 20, 2009 5:20 am

About the critical bug. blah blah blah.

If you installed Wine or Dosemu, open a terminal and type:

Code: Select all

cat /proc/sys/vm/mmap_min_addr


If it says 65536, you're safe. If it says 0, then you're vulnerable. To fix, do:

Code: Select all

sudo su
echo 65536 > /proc/sys/vm/mmap_min_addr


Then exit. You're safe and secure now. I didn't see anyone mention that, and I know lots of people here who migrated from Windows install Wine. Sorry if this is duplicate.
Website: Forkwhilefork

Husse
Level 23
Level 23
Posts: 19590
Joined: Sun Feb 11, 2007 7:22 am
Location: Near Borås Sweden

Re: If you installed Wine or Dosemu you're at risk

Postby Husse » Thu Aug 20, 2009 4:27 pm

What did I miss?
Image
Don't fix it if it ain't broken, don't break it if you can't fix it

User avatar
Acid_1
Level 5
Level 5
Posts: 797
Joined: Thu Nov 01, 2007 11:12 pm
Location: Saskatchewan, Canada
Contact:

Re: If you installed Wine or Dosemu you're at risk

Postby Acid_1 » Thu Aug 20, 2009 5:31 pm

Website: Forkwhilefork

Husse
Level 23
Level 23
Posts: 19590
Joined: Sun Feb 11, 2007 7:22 am
Location: Near Borås Sweden

Re: If you installed Wine or Dosemu you're at risk

Postby Husse » Thu Aug 20, 2009 6:41 pm

Holy cow - that makes three security alerts in a month with the ones I have reported in the newsletter
I have completely missed this one
Image
Don't fix it if it ain't broken, don't break it if you can't fix it

slider
Level 5
Level 5
Posts: 579
Joined: Wed May 07, 2008 2:08 pm
Location: Sliding around somewhere!

Re: If you installed Wine or Dosemu you're at risk

Postby slider » Tue Aug 25, 2009 4:56 pm

Good post Acid_1 !

Most of the Linux users that I know and myself included were not aware of this bug. I posted this info in our local LUG email list.

Two users of PCLOS so far were affected.

My Mint system was not affected, but this is something all users should check anyway just to be sure.

It was mentioned in our list that this fix may need to be run at boot each time for those affected. I havent researched this, but users who were affected may want to run the check command again after rebooting to see if things are still ok.

If things change back the affected user will need to place the patch in "/etc/rc.local" where it will be run each time at boot.

Thank you for posting this info.

User avatar
DrHu
Level 17
Level 17
Posts: 7560
Joined: Wed Jun 17, 2009 8:20 pm

Re: If you installed Wine or Dosemu you're at risk

Postby DrHu » Tue Aug 25, 2009 6:36 pm

Yes mint 7 (Ubuntu 9.04..) should already be OK
https://bugs.launchpad.net/ubuntu/jaunt ... bug/413656
    WORK-AROUND:
    Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
In terminal, check
    cat /proc/sys/vm/mmap_min_addr
    65536

ter
Level 1
Level 1
Posts: 10
Joined: Wed Feb 20, 2008 6:00 am

Re: If you installed Wine or Dosemu you're at risk

Postby ter » Fri Aug 28, 2009 12:04 am

Thanks, Mine came up 0, ran the lines you gave, and bingo, it worked.

Thanks

User avatar
Acid_1
Level 5
Level 5
Posts: 797
Joined: Thu Nov 01, 2007 11:12 pm
Location: Saskatchewan, Canada
Contact:

Re: If you installed Wine or Dosemu you're at risk

Postby Acid_1 » Thu Nov 26, 2009 9:13 pm

slider wrote:Good post Acid_1 !

Most of the Linux users that I know and myself included were not aware of this bug. I posted this info in our local LUG email list.

Two users of PCLOS so far were affected.

My Mint system was not affected, but this is something all users should check anyway just to be sure.

It was mentioned in our list that this fix may need to be run at boot each time for those affected. I havent researched this, but users who were affected may want to run the check command again after rebooting to see if things are still ok.

If things change back the affected user will need to place the patch in "/etc/rc.local" where it will be run each time at boot.

Thank you for posting this info.



I just checked, and ya it goes back to zero on reboot so...

Code: Select all

gksu gedit /etc/rc.local


Then put in

echo 65536 > /proc/sys/vm/mmap_min_addr

Above the 'exit 0'

save it. Then in a terminal...

Code: Select all

sudo chmod +x /etc/rc.local


Now you're good on each reboot.
Website: Forkwhilefork

SteveHoffmanUK
Level 1
Level 1
Posts: 49
Joined: Fri May 01, 2009 6:39 pm
Location: Wiltshire, United Kingdom

Re: If you installed Wine or Dosemu you're at risk

Postby SteveHoffmanUK » Fri Nov 27, 2009 5:18 am

Acid_!

Thanks very much for the heads-up on this. Both my Linux Mint 7 installations returned '0', so people shouldn't assume that they're OK if they have Mint 7. It reverted to '0' after reboot, so I used your reboot fix to make it permanent.

Well done.
Steve
_____
MintLMDE 64-bit desktop w/W7 on Dell Inspiron570 AMD II X3 435 2.9GHz; 4GbRAM; D-Link Wifi USB DWA-140; Mint9 laptop w/Vista: Acer Extensa 5230 2.0Ghz Intel, 160 Gb HDD, Mplify 992.11b/g/ WLAN; wifi: Epson PX710W printer.

Husse
Level 23
Level 23
Posts: 19590
Joined: Sun Feb 11, 2007 7:22 am
Location: Near Borås Sweden

Re: If you installed Wine or Dosemu you're at risk

Postby Husse » Fri Nov 27, 2009 5:28 am

I think rc.local already is executable :)
Image
Don't fix it if it ain't broken, don't break it if you can't fix it

User avatar
Acid_1
Level 5
Level 5
Posts: 797
Joined: Thu Nov 01, 2007 11:12 pm
Location: Saskatchewan, Canada
Contact:

Re: If you installed Wine or Dosemu you're at risk

Postby Acid_1 » Fri Nov 27, 2009 6:02 am

Husse wrote:I think rc.local already is executable :)


You're probably right. When I was looking how to run scripts on boot, someone, somewhere on the vast internet said to make it executable. So I did lol. I didn't know :P
Website: Forkwhilefork

metroid_maniac
Level 3
Level 3
Posts: 114
Joined: Fri Jun 19, 2009 6:56 am

Re: If you installed Wine or Dosemu you're at risk

Postby metroid_maniac » Fri Nov 27, 2009 4:58 pm

I had a value of 0, Fixed it now :-)

EDIT: on Gloria that is


Return to “Chat about Linux”

Who is online

Users browsing this forum: Neil Edmond and 4 guests