On 10/22/2016 07:49 PM, Valeri Galtsev wrote:
Dear All,
I guess, we all have to urgently apply workaround, following, say, this:
https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7c...
At least those of us who still have important multi user machines running Linux. (Yes, me too, I do have a couple, thank goodness, the rest are already not ;-)
Have a productive weekend, everybody.
Valeri
We are waiting for the official RHEL source code for this issue for the base kernel, and I do not recommend everybody out there use our experimental 4.4.x kernel for x86_64, BUT with that said I did release a kernel on Friday that has the fix for CVE-2016-5195.
It is kernel-4.4.26-201.el7.centos.x86_64.rpm, and it lives here:
http://mirror.centos.org/altarch/7/experimental/x86_64/
I don't recommend using this in production without lots of testing first, and it requires a new linux-firmware, xfsprogs, supermin5. It also does not support secure boot.
I am using it on several (currently 6) machines and we created it for newer IoT type boards and compute sticks, etc. I have it running on 3 laptops and 3 KVM servers without any issues .. but that is a very small subset of tested configurations.
Thanks, Johnny Hughes