[CentOS] Heads up on local root escalation

Eero Volotinen eero.volotinen at iki.fi
Thu May 15 05:23:09 UTC 2014


"This issue does not affect the versions of Linux kernel packages as
shipped with Red Hat Enterprise Linux 6.4 EUS and Red Hat Enterprise Linux
6, because they include backport of upstream commit c56a00a165 that
mitigates this issue."


2014-05-12 21:13 GMT+03:00 James Hogarth <james.hogarth at gmail.com>:

> Remember to be especially aware if you have systems that can potentially
> have code uploaded and run (ftp to httpd vhost or improper php config and
> file ownership/permissions).
>
> This does not affect el5 ... an el6 update is pending.
>
> https://access.redhat.com/security/cve/CVE-2014-0196
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



More information about the CentOS mailing list