[CentOS] CVE-2016-5195 DirtyCOW : Critical Linux Kernel Flaw

Wed Oct 26 10:56:38 UTC 2016
Peter Kjellström <cap at nsc.liu.se>

On Tue, 25 Oct 2016 17:21:54 -0700
Akemi Yagi <amyagi at gmail.com> wrote:

> On Tue, Oct 25, 2016 at 10:26 AM, Leon Fauster
> <leonfauster at googlemail.com> wrote:
> > Am 25.10.2016 um 15:39 schrieb Peter Kjellström <cap at nsc.liu.se>:  
> >> On Tue, 25 Oct 2016 10:06:12 +0200
> >> Christian Anthon <anthon at rth.dk> wrote:
> >>  
> >>> What is the best approach on centos 6 to mitigate the problem is
> >>> officially patched? As far as I can tell Centos 6 is vulnerable to
> >>> attacks using ptrace.  
> >>
> >> I can confirm that c6 is vulnerable, we're running a patched kernel
> >> (local build) using a rhel6 adaptation of the upstream fix.
> >>
> >> Ask off-list if you want an src.rpm  
> >
> >
> > Hi Peter, can you confirm that its this?
> >
> > http://pastebin.centos.org/56391/  
> 
> That is for the EL-7.2 kernel. Peter was offering a patch for CentOS
> 6.
> 
> RH released the patched kernel for EL-6.8 today. I have attached the
> diff file between 2.6.32-642.6.1.el6 and 2.6.32-642.6.2.el6. It is
> more complex because the 6 kernel is older, so required more mods, I
> suppose. Maybe that was the reason why the EL-6 update took longer
> than EL-7.

We also did a quick diff for the official c6 patch and it's almost but
not quite what we were using as a quick fix.

/Peter