Re: [CentOS] CVE-2013-2094 and CentOS 6.x

2013-05-17 Thread Johnny Hughes
On 05/16/2013 01:19 PM, Jake Shipton wrote:
> On Wed, 15 May 2013 11:48:14 -0700 (PDT)
> "David C. Miller" wrote:
>
>> For those who don't know yet, here is the Red Hat Bugzilla on this
>> exploit.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=962792
>>
>> Does anyone know if CentOS 6 has the debug packages available to
>> apply the temp patch for this listed in the Bugzilla link?
>>
>> David.
> Red Hat have released a new kernel to fix the bug :-).
>
> https://rhn.redhat.com/errata/RHSA-2013-0830.html

CentOS has also released this:

http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CVE-2013-2094 and CentOS 6.x

2013-05-16 Thread Jake Shipton
On Wed, 15 May 2013 11:48:14 -0700 (PDT)
"David C. Miller" wrote:

> 
> For those who don't know yet, here is the Red Hat Bugzilla on this
> exploit.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=962792
> 
> Does anyone know if CentOS 6 has the debug packages available to
> apply the temp patch for this listed in the Bugzilla link?
> 
> David.

Red Hat have released a new kernel to fix the bug :-).

https://rhn.redhat.com/errata/RHSA-2013-0830.html

-- 
Jake Shipton (JakeMS)
GPG Key: 0xE3C31D8F
GPG Fingerprint: 7515 CC63 19BD 06F9 400A DE8A 1D0B A5CF E3C3 1D8F




Re: [CentOS] CVE-2013-2094 and CentOS 6.x

2013-05-16 Thread Peter Kjellström
On Wednesday 15 May 2013 11:48:14 David C. Miller wrote:
> For those who don't know yet, here is the Red Hat Bugzilla on this exploit.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=962792
> 
> Does anyone know if CentOS 6 has the debug packages available to apply the
> temp patch for this listed in the Bugzilla link?

An alternative to the somewhat complicated process of getting a full systemtap 
build environment running is to use precompiled modules. I've made mine 
available. Here are pros and cons:

+ only needs the base pkg systemtap-runtime
+ easy to deploy
+ disables perf as long as active (stops the vuln)

- you've got to trust me, but:
 * I've signed this email with my normal key used previously on the list
 * I included md5sums
- my systemtap fix is more blunt, disables perf_event_open completely
- you need to be running a matching kernel (I built for -358.2.1 and 6.1)
- you can't rename the .ko file

Instructions:
 1) get the .ko file matching your kernel (35821 for -358.2.1, ...)
 2) check the md5sum
 3) insert it with "# staprun -L ./perf_event_blocker_358?1.ko"

 4) (optional) "perf stat true" should now fail with -14
 5) (optionally to disable) "staprun -A" + Ctrl-C

http://www.nsc.liu.se/~cap/perf_event_blocker_35821.ko
http://www.nsc.liu.se/~cap/perf_event_blocker_35861.ko
http://www.nsc.liu.se/~cap/perf_event_blocker.stp

e721fcbdcd1f7616ddd11d41f4909545  perf_event_blocker_35821.ko
a1a9819138bada0a1a7d9c21c6458510  perf_event_blocker_35861.ko
05f0bfd3030db4d4f4deb0fdc71b7fa3  perf_event_blocker.stp

/Peter

-- 
-= Peter Kjellström
-= National Supercomputer Centre
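
Steps 1 to 3 of the instructions above as one guarded script, an added example that is not part of the original post: it derives the module name from the kernel release, compares the md5sum with the values listed in the message, and only then runs the `staprun -L` command from step 3. The function names and the `--load` switch are hypothetical; the .ko files are assumed to be already downloaded into the current directory, and the release parsing assumes an el6 string of the form `2.6.32-358.2.1.el6.x86_64`.

```shell
#!/bin/sh
# Added example, not from the original post: check before loading.

# md5sums exactly as listed in the message, keyed by module file name.
expected_md5() {
    case "$1" in
        perf_event_blocker_35821.ko) echo e721fcbdcd1f7616ddd11d41f4909545 ;;
        perf_event_blocker_35861.ko) echo a1a9819138bada0a1a7d9c21c6458510 ;;
        *) return 1 ;;   # no prebuilt module listed for this kernel
    esac
}

# Map a kernel release to the module file name, following the naming in
# the post (-358.2.1 -> 35821). Assumes an el6 release string.
module_for_kernel() {
    rel="${1#*-}"          # drop the leading "2.6.32-"
    rel="${rel%%.el6*}"    # drop ".el6.x86_64"
    echo "perf_event_blocker_$(printf '%s' "$rel" | tr -d .).ko"
}

# Succeed only if the file exists and its md5 equals the expected value.
md5_matches() {
    actual="$(md5sum "$1" 2>/dev/null | cut -d' ' -f1)"
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# Hypothetical wrapper: refuse to load when the kernel has no listed
# module (return 2) or the checksum does not match (return 3).
load_blocker() {
    mod="$(module_for_kernel "${1:-$(uname -r)}")"
    want="$(expected_md5 "$mod")" || { echo "no module listed for this kernel" >&2; return 2; }
    md5_matches "./$mod" "$want" || { echo "md5 mismatch or missing file: $mod" >&2; return 3; }
    staprun -L "./$mod"    # command from step 3; needs root; file keeps its name
}

# Load only when asked explicitly, so the functions can be sourced and tested.
if [ "${1:-}" = "--load" ]; then load_blocker; fi
```

The md5sum check only shows that the file matches what the message lists; trust in the message itself still rests on its PGP signature.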



Re: [CentOS] CVE-2013-2094 and CentOS 6.x

2013-05-15 Thread Johnny Hughes
On 05/15/2013 01:48 PM, David C. Miller wrote:
> For those who don't know yet, here is the Red Hat Bugzilla on this exploit.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=962792
>
> Does anyone know if CentOS 6 has the debug packages available to apply the
> temp patch for this listed in the Bugzilla link?
>

http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html





[CentOS] CVE-2013-2094 and CentOS 6.x

2013-05-15 Thread David C. Miller

For those who don't know yet, here is the Red Hat Bugzilla on this exploit.

https://bugzilla.redhat.com/show_bug.cgi?id=962792

Does anyone know if CentOS 6 has the debug packages available to apply the
temp patch for this listed in the Bugzilla link?

David.
