Background: Appletalk support allows your Linux machine to interwork with Apple networks. Below components conduct the specified functions.
- sysctl_net_atalk.c: sysctl interface to net AppleTalk subsystem.
- ddp.c: AppleTalk DDP protocol for Ethernet ELAP (ethertalk).
- atalk_proc.c: proc support for Appletalk
The Use-After-Free vulnerability is related to above three components. Even though you do not use ApplyTalk, attacker by sending a request that submits malicious input to the targeted system. A successful exploit could allow the attacker to execute arbitrary code.
In the Linux kernel version 2.6.23, the /proc/sys/vm/mmap_min_addr tunable was introduced to prevent unprivileged users from creating new memory mappings below the minimum address. To enable it, add or amend the following entry in the /etc/sysctl.conf file:
vm.mmap_min_addr = 4096
Security Focus: What is NULL pointer dereference flaws in the Linux? NULL pointer dereference flaws in the Linux kernel can often be abused by a local, unprivileged user to gain root privileges by mapping attacker-controlled data to low memory pages.
But above adjustment cannot resolve these vulnerabilities. It was because if alloc_disk fails in pcd_init_units, cd->disk will be NULL, however in pcd_detect and pcd_exit, it’s not check this before free.It may result a NULL pointer dereference.
Remedy: Kernel.org has released remedy at the following link – https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6377f787aeb945cae7abbb6474798de129e1f3ac