On Tue, Sep 25, 2018 at 11:48 AM Zube Zube@stat.colostate.edu wrote:
The current mitigation for CVE-2018-14634 is a systemtap script mentioned here:
https://access.redhat.com/security/cve/cve-2018-14634
It also mentions that one can build a kernel module to distribute to other machines, but in any case one needs the corresponding debuginfo packages to do either.
After enabling CentOS-Debug.repo, what I get is:
kernel-debuginfo-2.6.32-754.3.5.el6.centos.plus.x86_64
which doesn't match, since I'm not running the centos.plus kernel, so the systemtap script fails (tested only on CentOS 6 for the moment).
Is there some way to get kernel-debuginfo-2.6.32-754.3.5.el6.x86_64?
Thanks for any help.
Cheers, Zube
You can find it here:
http://debuginfo.centos.org/6/x86_64/
Because yum thinks the centos.plus version is newer, you'd need to manually download and install it.
Akemi