[CentOS] Local privilege escalation bug in kernel

Peter Eckel lists at eckel-edv.de
Thu Jan 26 15:34:31 UTC 2012


Hi Frank, 

> Do we know if this bug affects Centos?
> 
> http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge
> 
> The article states that it affects kernel 2.6.39 and above, but since RH
> backports so much stuff I'm not sure if this would actually include the Centos
> kernels.

I did a quick check using the 'mempodipper' demo exploit on CentOS 5.7 and CentOS 6.2. Currently it doesn't seem to affect either. 

On CentOS 5.7 it just hangs, on 6.2 it finishes without dropping me in a root shell. So at first sight it seems CentOS is not affected. 

Best regards, 

  Peter.


More information about the CentOS mailing list