[CentOS] Heads up on local root escalation

Tue May 13 09:05:12 UTC 2014
Leon Fauster <leonfauster at googlemail.com>

Am 12.05.2014 um 20:58 schrieb Akemi Yagi <amyagi at gmail.com>:
> On Mon, May 12, 2014 at 11:23 AM, Keith Keller
>> Are there any mitigation steps we can take?  I've chased down some of
>> the links looking for any, but haven't had success yet.
> 
> According to the upstream BZ 1094232, there is a patch from kernel.org:
> 
> https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00
> 
> The file to patch in the RHEL/CentOS kernel seems to be drivers/char/n_tty.c
> 
> If the next kernel update does not have the fix, I can add it to the
> centosplus kernel.


Hi Akemi,

this would be great - can we push this out? Upstream is delayed (for such vuln).

--
Thanks
LF