[CentOS-announce] CentOS-6 CVE-2013-2094 Kernel Issue

Johnny Hughes johnny at centos.org
Wed May 15 14:34:53 UTC 2013

There is a kernel security issue that allows unprivileged (normal) users
to gain root access on CentOS-6.4 x86_64 machines.  The upstream
bugzilla entry is here:


There is a *TESTING* kernel that should mitigate this issue available here:


Signing Key:  http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-Testing-6

This kernel is the current CentOS-6.4 kernel with this one patch added
and recompiled:


Note:  This is signed by the centos-6 test key and it is provided as a
best effort option to mitigate the above security issue while waiting
for an upstream solution.  It has been tested by our QA Team, but it is
*NOT* an official CentOS package and needs to be fully tested for
fitness by each user before used in production.

Please see this mailing list thread:


And/or this Forum thread:


For more details.

Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
Url : http://lists.centos.org/pipermail/centos-announce/attachments/20130515/27ff719e/attachment.bin 

More information about the CentOS-announce mailing list