On Mon, May 12, 2014 at 11:23 AM, Keith Keller <kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > On 2014-05-12, James Hogarth <james.hogarth@xxxxxxxxx> wrote: >> >> This does not affect el5 ... an el6 update is pending. >> >> https://access.redhat.com/security/cve/CVE-2014-0196 > > Are there any mitigation steps we can take? I've chased down some of > the links looking for any, but haven't had success yet. According to the upstream BZ 1094232, there is a patch from kernel.org: https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00 The file to patch in the RHEL/CentOS kernel seems to be drivers/char/n_tty.c If the next kernel update does not have the fix, I can add it to the centosplus kernel. Akemi _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Heads up on local root escalation
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Heads up on local root escalation
- From: Akemi Yagi <amyagi@xxxxxxxxx>
- Date: Mon, 12 May 2014 11:58:09 -0700
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <45g74bx7mq.ln2@goaway.wombat.san-francisco.ca.us>
- Follow-Ups:
- Re: Heads up on local root escalation
- From: Leon Fauster
- Re: Heads up on local root escalation
- From: Keith Keller
- Re: Heads up on local root escalation
- References:
- Heads up on local root escalation
- From: James Hogarth
- Re: Heads up on local root escalation
- From: Keith Keller
- Heads up on local root escalation
- Prev by Date: Re: Heads up on local root escalation
- Next by Date: SSSD Passwd change problem
- Previous by thread: Re: Heads up on local root escalation
- Next by thread: Re: Heads up on local root escalation
- Index(es):
 |