Overriding sys_brk() is not enough, because the problem actually exists in do_brk(), which is used in other parts of the kernel (for example binfmt_elf.c) - and the bug can be exploited from them.
I've written a patch which can fix this flaw without reboot - it uses /dev/kmem to alter the running kernel (actually to modify the beginning of do_brk()) and one LKM.
It can be downloaded from here. But I'm no kernel expert and this patch was written in a rush (and it's pretty poorly written), so use it with extreme caution.