[CentOS-devel] CentOSPlus kernels for C7 that have Ceph enabled may have a security issue
Akemi Yagi
amyagi at gmail.comMon Jan 5 20:55:01 UTC 2015
- Previous message: [CentOS-devel] Atomic SIG Meeting Reminder: 14:30 Tuesday (6 January)
- Next message: [CentOS-devel] CentOSPlus kernels for C7 that have Ceph enabled may have a security issue
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CentOSPlus kernels, kernel-plus-3.10.0-123.4.4.el7 or newer, have the Ceph option enabled. It was discovered that there is a security issue in Ceph [1]. A patch that fixes the issue is available from kernel.org [2] but cannot be applied to the RHEL/CentOS kernel as such. We will have to disable Ceph in the next update to the plus kernel unless someone comes up with a fix for the current RHEL code. You can find more details in this CentOS bug report: http://bugs.centos.org/view.php?id=7372 Please note that the distro kernels are not affected because Ceph is not enabled. Akemi [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6416 [2] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8
- Previous message: [CentOS-devel] Atomic SIG Meeting Reminder: 14:30 Tuesday (6 January)
- Next message: [CentOS-devel] CentOSPlus kernels for C7 that have Ceph enabled may have a security issue
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list