[Beowulf] Heads up - local root exploit in Linux kernel (CVE-2017-6074)
Christopher Samuel
samuel at unimelb.edu.au
Wed Feb 22 18:27:03 PST 2017
Hi all,
Just a heads up that a local root exploit has been announced in the DCCP
stack in the Linux kernel going back quite a way (2005/2006). Having it
compiled as a module (as most kernels do) doesn't help as it will
auto-load when a user tries to call into it.
Original disclosure:
http://seclists.org/oss-sec/2017/q1/471
Red Hat info (includes work-around):
https://access.redhat.com/security/cve/CVE-2017-6074
Debian info:
https://security-tracker.debian.org/tracker/CVE-2017-6074
The RHEL workaround is to disable loading that module with:
echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf
but there are also new kernels out.
Good luck folks!
Chris
--
Christopher Samuel Senior Systems Administrator
Melbourne Bioinformatics - The University of Melbourne
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
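
An added example, not part of the original message: a POSIX shell check that the modprobe workaround quoted above is actually in effect on a node. It also reports when a dccp module is already resident, since an `install` override only affects future load requests; the function names, status strings and the directory list passed with `--live` are assumptions of this example.

```shell
#!/bin/sh
# Audit the "install dccp /bin/true" workaround for CVE-2017-6074.
# Example code added for illustration; function names are hypothetical.

# dccp_install_override DIR...
# Succeeds if an uncommented "install dccp /bin/true" (or /bin/false)
# line exists in any *.conf file under the given directories.
dccp_install_override() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue
            if grep -Eq '^[[:space:]]*install[[:space:]]+dccp[[:space:]]+/bin/(true|false)([[:space:]]|$)' "$f"; then
                return 0
            fi
        done
    done
    return 1
}

# dccp_loaded FILE
# FILE is in /proc/modules format; succeeds if dccp or a dccp_* module
# (for example dccp_ipv4) is listed as loaded.
dccp_loaded() {
    grep -Eq '^dccp(_[a-z0-9]+)* ' "$1"
}

# dccp_status MODULES_FILE DIR...
# Prints LOADED, BLOCKED or AUTOLOADABLE.
dccp_status() {
    modules=$1
    shift
    if dccp_loaded "$modules"; then
        # The override does not unload a resident module.
        echo "LOADED"
    elif dccp_install_override "$@"; then
        echo "BLOCKED"
    else
        echo "AUTOLOADABLE"
    fi
}

# Live check: sh check-dccp.sh --live
if [ "${1:-}" = "--live" ]; then
    dccp_status /proc/modules /etc/modprobe.d /run/modprobe.d /lib/modprobe.d
fi
```

A node reporting LOADED needs the module removed or a reboot into a patched kernel; AUTOLOADABLE means neither the workaround nor a loaded module was found, so only the kernel version decides exposure.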