Here is a script im pushing out to servers as a temporary stop gap till sock_sendpage() fix hits stable branch of kernel (sometime this weekend apparently Linus hinted at)
##
# The kernel tunable setting for minimum allowed user space address
# (/proc/sys/vm/mmap_min_addr) controls the amount of low virtual memory
# that is protected from userspace allocation. This script will check/set the
# minimum allowed user-space address to 4096 if eq 0 or leave it as default
# if > 4096, in an effort to temporarily protect from current pof code for
# sock_sendpage() local root exploits.
##
http://rfxn.com/downloads/set_mmap_minaddr
ref: http://archives.neohapsis.com/archives/ful...09-08/0174.html