similar to: CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw

On Sat, 22 Oct 2016, Valeri Galtsev wrote: > On Sat, October 22, 2016 7:49 pm, Valeri Galtsev wrote: >> Dear All, >> >> I guess, we all have to urgently apply workaround, following, say, this: >> >> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ >> >> At least those of us who still have important multi user

On Fri, October 28, 2016 9:43 am, Johnny Hughes wrote: > On 10/22/2016 07:49 PM, Valeri Galtsev wrote: >> Dear All, >> >> I guess, we all have to urgently apply workaround, following, say, this: >> >> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ >> >> At least those of us who still have important multi

Dear Sir/s, Can a crashed centos system be restore to its previous state before it crash? And if so, can you please tell me how to do it? Thanks, your help is very much appreciated. ----- Original Message ----- From: "Richard" <lists-centos at listmail.innovate.net> To: "CentOS mailing list" <centos at centos.org> Sent: Tuesday, November 1, 2016 5:05:59 PM

On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: > In article <5818CD31.4050008 at moving-picture.com>, > James Pearson <james-p at moving-picture.com> wrote: >> Leonardo Oliveira Ortiz wrote: >> > RedHat and Centos 4.x can be explored by this flaw? >> >> See: >> >> https://access.redhat.com/security/cve/cve-2016-5195 > > In

Leonardo Oliveira Ortiz wrote: > RedHat and Centos 4.x can be explored by this flaw? See: https://access.redhat.com/security/cve/cve-2016-5195 James Pearson

On Sat, October 22, 2016 7:49 pm, Valeri Galtsev wrote: > Dear All, > > I guess, we all have to urgently apply workaround, following, say, this: > > https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ > > At least those of us who still have important multi user machines running > Linux. I should have said CentOS 7. Older ones

What is the best approach on centos 6 to mitigate the problem is officially patched? As far as I can tell Centos 6 is vulnerable to attacks using ptrace. There is a mitigation described here https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13 which doesn't fix the underlying problem, but at least protects against known attack vectors. However, I'm unsure if the script only

On 10/22/2016 07:49 PM, Valeri Galtsev wrote: > Dear All, > > I guess, we all have to urgently apply workaround, following, say, this: > > https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ > > At least those of us who still have important multi user machines running > Linux. (Yes, me too, I do have a couple, thank goodness, the

On 02/11/16 13:05, Richard wrote: > RHEL/Centos-4 is EOL so wouldn't be updated regardless (at least > under the normal EOL guidelines), but it is mentioned toward the > bottom of that page under "Affected Packages State": > > Red Hat Enterprise Linux 4 kernel Not affected It is mentioned because RHEL4 is in extended life phase, so not EOL yet. CentOS 4 is EOL

On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon <anthon at rth.dk> wrote: > What is the best approach on centos 6 to mitigate the problem is > officially patched? As far as I can tell Centos 6 is vulnerable to attacks > using ptrace. > > There is a mitigation described here > > https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13 > > which doesn't fix the

On Sat Oct 22 08:20:24 PM, Valeri Galtsev wrote: > I should have said CentOS 7. Older ones (CentOS 6 and 5) are not vulnerable. https://bugzilla.redhat.com/show_bug.cgi?id=1384344 Comment #35 points to a link that doesn't depend on /proc/self/mem and claims to work on CentOS 6 and 5. I'm not quite sure what I should be looking for when I run the program, though. I do hope Redhat

On Tue, Oct 25, 2016 at 2:18 PM, <m.roth at 5-cent.us> wrote: > My manager just told me that upstream has released a patched kernel for 7: > > CentOS package kernel-3.10.0-327.36.3.el7.x86_64.rpm > see http://rhn.redhat.com/errata/RHSA-2016-2098.html > > I'm hoping Johnny can get us that, hopefully before the end of the week. > > mark > >

RedHat and Centos 4.x can be explored by this flaw? -----Mensagem original----- De: centos-bounces at centos.org [mailto:centos-bounces at centos.org] Em nome de Valeri Galtsev Enviada em: sexta-feira, 28 de outubro de 2016 12:50 Para: CentOS mailing list <centos at centos.org> Assunto: Re: [CentOS] CVE-2016-5195 ???DirtyCOW???: Critical Linux Kernel Flaw On Fri, October 28, 2016 9:43

> Date: Tuesday, November 01, 2016 18:49:56 -0500 > From: Valeri Galtsev <galtsev at kicp.uchicago.edu> > > On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: >> In article <5818CD31.4050008 at moving-picture.com>, >> James Pearson <james-p at moving-picture.com> wrote: >>> Leonardo Oliveira Ortiz wrote: >>> > RedHat and Centos

Dear Sir/s, What I mean is the system crashed where the OS is no longer booting properly. This started when I did a "partition resize". Unfortunately, we don't have any backup of the system. Thanks in advance for your help. Regards, CHRIS ----- Original Message ----- From: "Peter" <peter at pajamian.dhs.org> To: "CentOS mailing list" <centos at

In article <5818CD31.4050008 at moving-picture.com>, James Pearson <james-p at moving-picture.com> wrote: > Leonardo Oliveira Ortiz wrote: > > RedHat and Centos 4.x can be explored by this flaw? > > See: > > https://access.redhat.com/security/cve/cve-2016-5195 In other words, no: RHEL 4 and CentOS4 are not affected by this flaw. Tony -- Tony Mountifield

On Tue, 25 Oct 2016 08:29:33 -0400 "Phelps, Matthew" <mphelps at cfa.harvard.edu> wrote: > On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon <anthon at rth.dk> > wrote: > > > What is the best approach on centos 6 to mitigate the problem is > > officially patched? As far as I can tell Centos 6 is vulnerable to > > attacks using ptrace. > >

My manager just told me that upstream has released a patched kernel for 7: CentOS package kernel-3.10.0-327.36.3.el7.x86_64.rpm see http://rhn.redhat.com/errata/RHSA-2016-2098.html I'm hoping Johnny can get us that, hopefully before the end of the week. mark

Am 25.10.2016 um 15:39 schrieb Peter Kjellstr?m <cap at nsc.liu.se>: > On Tue, 25 Oct 2016 10:06:12 +0200 > Christian Anthon <anthon at rth.dk> wrote: > >> What is the best approach on centos 6 to mitigate the problem is >> officially patched? As far as I can tell Centos 6 is vulnerable to >> attacks using ptrace. > > I can confirm that c6 is

Phelps, Matthew wrote: > On Tue, Oct 25, 2016 at 2:18 PM, <m.roth at 5-cent.us> wrote: > >> My manager just told me that upstream has released a patched kernel for >> 7: >> CentOS package kernel-3.10.0-327.36.3.el7.x86_64.rpm >> see http://rhn.redhat.com/errata/RHSA-2016-2098.html >> >> I'm hoping Johnny can get us that, hopefully before the end