[Triumf-linux-managers] linux privilege escalation vul - CVE-2017-6074
Kel Raywood
kray at triumf.ca
Fri Feb 24 12:37:31 PST 2017
A privilege-escalation vulnerability has been discovered in the Linux
kernel. For details see
https://access.redhat.com/security/vulnerabilities/2934281
To resolve the issue, Red Hat have released updated kernels for EL 5, 6
and 7. These have been rebuilt by the clones, Scientific Linux and
CentOS, and are on the TRIUMF mirror.
If rebooting into an updated kernel is inconvenient, then you can still
be protected from the vulnerability by disabling the vulnerable kernel
module; dccp. Fortunately, it is a rarely-used module. I'm not aware
of anyone at TRIUMF that uses it, and none of the systems I manage have
it loaded.
For further instructions see:
https://ccn.triumf.ca/security/linux/vulnerabilities/cve-2017-6074
--
Kelvin Raywood
TRIUMF Information Systems and Technology
More information about the Triumf-linux-managers
mailing list