Stable kernels 2.6.31.6 and 2.6.27.39 released

Posted Nov 10, 2009 13:00 UTC (Tue) by spender (subscriber, #23067)
In reply to: Stable kernels 2.6.31.6 and 2.6.27.39 released by lkundrak
Parent article: Stable kernels 2.6.31.6 and 2.6.27.39 released

BTW, you need to throw out your entire conception of "untrusted local users." If you run a webserver with php scripts on it and no "untrusted local users" -- there's a good chance at some point the machine will have one (or more), via webapp exploits. The mindset of "I don't have any untrusted local users on this machine so I don't need to upgrade" is what gets people bit by these vulnerabilities.

And just to emphasize an earlier point, if mmap_min_addr and SELinux were written correctly back in 2007 when mmap_min_addr was introduced in response to my first exploit, the bug class would largely be a non-issue right now.

But mmap_min_addr has had 5 or so bypasses since its inclusion, and the SELinux problem was only just fixed in RHEL5 last Friday (as I mentioned already, it was fixed two months or so ago in Fedora) so it's really almost the case that anyone who doesn't have *very* recent _kernels_ is vulnerable.

If we were to talk about "reasonably modern" Linux distributions, RHEL 5.3 is vuln out of the box, RHEL 5.4 is vuln out of the box, Ubuntu 9.04 is vuln out of the box, FC11 is vuln out of the box, that SuSE 10 SP3 just released last month is vuln out of the box.

Ubuntu 9.10 is fine (modulo any toggling from wine), FC12 is fine (I think), and SuSE 11 is fine.

-Brad
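
An added example, not part of the original comment: a shell check for the mmap_min_addr setting discussed above, reporting the live value and any sysctl-style configuration file that sets it to 0 (the kind of toggling the comment attributes to wine). The function names and the `PROC_FILE` override are hypothetical, the list of files to scan is the administrator's choice, and the check does not model sysctl file precedence or the SELinux behaviour mentioned in the thread.

```shell
#!/bin/sh
# Added example (not from the original thread): audit vm.mmap_min_addr.

# Print "file:value" for each vm.mmap_min_addr assignment found in the
# given sysctl-style files. Commented-out lines do not match.
find_mmap_min_addr_settings() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        sed -n -E 's#^[[:space:]]*vm[./]mmap_min_addr[[:space:]]*=[[:space:]]*([0-9]+)[[:space:]]*$#\1#p' "$f" |
            while read -r v; do printf '%s:%s\n' "$f" "$v"; done
    done
}

# True (exit 0) when the value is 0, i.e. the low-address mapping
# restriction is switched off. Non-numeric input is treated as "not zero".
is_zero_page_mappable() {
    [ "$1" -eq 0 ] 2>/dev/null
}

# Report the live value and every scanned file that sets the limit to 0.
# Returns 1 if either is 0, otherwise 0.
# PROC_FILE is a hypothetical override so the check can run on sample data.
audit_mmap_min_addr() {
    proc_file=${PROC_FILE:-/proc/sys/vm/mmap_min_addr}
    status=0
    if [ -r "$proc_file" ]; then
        live=$(cat "$proc_file")
        echo "live vm.mmap_min_addr = $live"
        if is_zero_page_mappable "$live"; then status=1; fi
    fi
    zeros=$(find_mmap_min_addr_settings "$@" | awk -F: '$NF + 0 == 0')
    if [ -n "$zeros" ]; then
        echo "config files that set vm.mmap_min_addr to 0:"
        echo "$zeros"
        status=1
    fi
    return "$status"
}

# Usage: audit_mmap_min_addr /etc/sysctl.conf /etc/sysctl.d/*.conf
```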


Stable kernels 2.6.31.6 and 2.6.27.39 released

Posted Nov 10, 2009 15:37 UTC (Tue) by nix (subscriber, #2304)

Technically the people with webservers with php scripts on don't have untrusted local users, they have *malicious* local users that they don't even know are there (as soon as an attacker gets in at all). This is of course worse, because as you suggest they'll often have thought 'ooh, I trust all the local users', which is poppycock.

It's like a filter making sure that everyone who manages to become a local user has larceny in his heart...

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds