[CentOS-devel] CentOSPlus kernels for C7 that have Ceph enabled may have a security issue

Mon Jan 5 20:55:01 UTC 2015
Akemi Yagi <amyagi at gmail.com>

CentOSPlus kernels, kernel-plus-3.10.0-123.4.4.el7 or newer, have the
Ceph option enabled. It was discovered that there is a security issue
in Ceph [1]. A patch that fixes the issue is available from kernel.org
[2] but cannot be applied to the RHEL/CentOS kernel as such.

We will have to disable Ceph in the next update to the plus kernel
unless someone comes up with a fix for the current RHEL code. You can
find more details in this CentOS bug report:

http://bugs.centos.org/view.php?id=7372

Please note that the distro kernels are not affected because Ceph is
not enabled.

Akemi

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6416
[2] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8
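
Added example, not part of the original post and not CentOS project code: a shell check that reports, for each installed kernel, whether the Ceph option mentioned above is built in or built as a module. It assumes the upstream Kconfig symbols `CONFIG_CEPH_LIB` and `CONFIG_CEPH_FS` and a build config at `/boot/config-<release>`; the sample file names and contents are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): report which installed kernels
# have the in-kernel Ceph client built. CONFIG_CEPH_LIB (net/ceph) and
# CONFIG_CEPH_FS (fs/ceph) are the upstream Kconfig symbols; finding the build
# config at /boot/config-<release> is an assumption about the install layout.

# Print the Ceph symbols set to y or m in a config file, one per line.
# Anchored so CONFIG_CEPH_LIB_PRETTYDEBUG and CONFIG_CEPH_FSCACHE do not match.
ceph_symbols_enabled() {
    grep -E '^CONFIG_CEPH_(LIB|FS)=[ym]$' "$1" 2>/dev/null | cut -d= -f1
}

# Print "enabled", "disabled", or "unknown" (config file not readable).
ceph_config_state() {
    if [ ! -r "$1" ]; then
        echo unknown
    elif [ -n "$(ceph_symbols_enabled "$1")" ]; then
        echo enabled
    else
        echo disabled
    fi
}

# Check every installed kernel, not only the running one: a kernel that is
# installed but not booted becomes relevant at the next reboot.
check_all_kernels() {
    boot_dir=${1:-/boot}
    for cfg in "$boot_dir"/config-*; do
        [ -e "$cfg" ] || continue
        printf '%s %s\n' "${cfg##*/config-}" "$(ceph_config_state "$cfg")"
    done
}

# Constructed sample configs for trying the functions offline; the file names
# and contents are illustrative, not copied from real CentOS packages.
make_sample_boot() {
    printf '%s\n' 'CONFIG_CEPH_LIB=m' '# CONFIG_CEPH_LIB_PRETTYDEBUG is not set' \
        'CONFIG_CEPH_FS=m' > "$1/config-3.10.0-123.4.4.el7.centos.plus.x86_64"
    printf '%s\n' '# CONFIG_CEPH_LIB is not set' '# CONFIG_CEPH_FS is not set' \
        > "$1/config-3.10.0-123.el7.x86_64"
}

check_all_kernels "${1:-/boot}"
```

Run with no argument to scan `/boot`, or pass a directory populated by `make_sample_boot` to see both outcomes.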