[CentOS] CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
Peter Kjellström
cap at nsc.liu.se
Tue Oct 25 13:38:20 UTC 2016
On Tue, 25 Oct 2016 08:29:33 -0400
"Phelps, Matthew" <mphelps at cfa.harvard.edu> wrote:
> On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon <anthon at rth.dk>
> wrote:
>
> > What is the best approach on centos 6 to mitigate the problem is
> > officially patched? As far as I can tell Centos 6 is vulnerable to
> > attacks using ptrace.
> >
> > There is a mitigation described here
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13
> >
> > which doesn't fix the underlying problem, but at least protects
> > against known attack vectors. However, I'm unsure if the script
> > only applies to Centos 7, or if it also works on Centos 6?
> >
> > Cheers, Christian
> >
> >
> I have not been able to get this script to work on CentOS 6.8
>
> I've installed kernel-debug, kernel-devel, kernel-debug-devel,
> kernel-debug-debuginfo, kernel-debuginfo-common and I still get:
You have the wrong packages. You want "kernel-debuginfo" and
"kernel-debuginfo-common" for the running kernel. You've by mistake got
"kernel-debug-debuginfo" which is the debuginfo for the debug kernel
(not the normal kernel).
/Peter K
More information about the CentOS
mailing list