[CentOS] CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
Johnny Hughes
johnny at centos.org
Sun Oct 23 12:28:15 UTC 2016
On 10/22/2016 07:49 PM, Valeri Galtsev wrote:
> Dear All,
>
> I guess, we all have to urgently apply workaround, following, say, this:
>
> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/
>
> At least those of us who still have important multi user machines running
> Linux. (Yes, me too, I do have a couple, thank goodness, the rest are
> already not ;-)
>
> Have a productive weekend, everybody.
>
> Valeri
We are waiting for the official RHEL source code for this issue for the
base kernel, and I do not recommend everybody out there use our
experimental 4.4.x kernel for x86_64, BUT with that said I did release a
kernel on Friday that has the fix for CVE-2016-5195.
It is kernel-4.4.26-201.el7.centos.x86_64.rpm, and it lives here:
http://mirror.centos.org/altarch/7/experimental/x86_64/
I don't recommend using this in production without lots of testing
first, and it requires a new linux-firmware, xfsprogs, supermin5. It
also does not support secure boot.
I am using it on several (currently 6) machines and we created it for
newer IoT type boards and compute sticks, etc. I have it running on 3
laptops and 3 KVM servers without any issues .. but that is a very small
subset of tested configurations.
Thanks,
Johnny Hughes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20161023/f7068b78/attachment.sig>
More information about the CentOS
mailing list