Re: CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon <anthon@xxxxxx> wrote:

> What is the best approach on centos 6 to mitigate the problem is
> officially patched? As far as I can tell Centos 6 is vulnerable to attacks
> using ptrace.
>
> There is a mitigation described here
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13
>
> which doesn't fix the underlying problem, but at least protects against
> known attack vectors. However, I'm unsure if the script only applies to
> Centos 7, or if it also works on Centos 6?
>
> Cheers, Christian
>
>
I have not been able to get this script to work on CentOS 6.8

I've installed kernel-debug, kernel-devel, kernel-debug-devel,
kernel-debug-debuginfo, kernel-debuginfo-common and I still get:

stap -g -p 4 dirtyc0w.stp
semantic error: while resolving probe point: identifier 'syscall' at
dirtyc0w.stp:5:7
        source: probe syscall.ptrace {
                      ^

semantic error: no match

Pass 2: analysis failed.  [man error::pass2]


Anybody have any success with this?

-- 
Matt Phelps
System Administrator, Computation Facility
Harvard - Smithsonian Center for Astrophysics
mphelps@xxxxxxxxxxxxxxx, http://www.cfa.harvard.edu


On 24-10-2016 18:29, Gilbert Sebenste wrote:
>
>> On Sat, 22 Oct 2016, Valeri Galtsev wrote:
>>
>> On Sat, October 22, 2016 7:49 pm, Valeri Galtsev wrote:
>>>
>>>> Dear All,
>>>>
>>>> I guess, we all have to urgently apply workaround, following, say, this:
>>>>
>>>> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtyco
>>>> w-centos-7rhel7cpanelcloudlinux/
>>>>
>>>> At least those of us who still have important multi user machines
>>>> running
>>>> Linux.
>>>>
>>>
>>> I should have said CentOS 7. Older ones (CentOS 6 and 5) are not
>>> vulnerable.
>>>
>>
>> Patch is out on RHEL side:
>>
>> https://rhn.redhat.com/errata/RHSA-2016-2098.html
>>
>> *******************************************************************************
>>
>> Gilbert Sebenste ********
>> (My opinions only!)
>> ******
>> *******************************************************************************
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> https://lists.centos.org/mailman/listinfo/centos
>>
>>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux