Luke S Crawford
2010-Sep-28 13:00 UTC
[Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?
there''s lots of talk of the Ac1db1tch3z exploit. has this been pached in the xen.org dom0 kernels? the xcp kernels? I''ve been using the /proc/sys/fs/binfmt_misc/register workaround but it''d be better to properly upgrade everything. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Todd Deshane
2010-Sep-28 13:19 UTC
Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?
On Tue, Sep 28, 2010 at 9:00 AM, Luke S Crawford <lsc@prgmr.com> wrote:> > > there''s lots of talk of the Ac1db1tch3z exploit. has this been pached > in the xen.org dom0 kernels? the xcp kernels? I''ve been using the > /proc/sys/fs/binfmt_misc/register workaround but it''d be better to properly > upgrade everything. >A recent root exploit is mentioned here: http://xen.markmail.org/search/?q=%22xen+and+dom0+kernel+builds%22#query:%22xen%20and%20dom0%20kernel%20builds%22+page:1+mid:5tx6app7okp67cdi+state:results -- Todd Deshane http://todddeshane.net http://runningxen.com _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Luke S Crawford
2010-Sep-28 17:44 UTC
Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?
Todd Deshane <deshantm@gmail.com> writes:> On Tue, Sep 28, 2010 at 9:00 AM, Luke S Crawford <lsc@prgmr.com> wrote: > > > > > > there''s lots of talk of the Ac1db1tch3z exploit. has this been pached > > in the xen.org dom0 kernels? the xcp kernels? I''ve been using the > > /proc/sys/fs/binfmt_misc/register workaround but it''d be better to properly > > upgrade everything. > > > > A recent root exploit is mentioned here: > http://xen.markmail.org/search/?q=%22xen+and+dom0+kernel+builds%22#query:%22xen%20and%20dom0%20kernel%20builds%22+page:1+mid:5tx6app7okp67cdi+state:resultsThat''s the exploit I''m talking about, but that message is about myoung''s fc12 build... as far as I can read it doesn''t mention the 2.6.32.x pvops kernel or the 2.6.18.8-xen hg tree. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Matthew Law
2010-Sep-30 09:19 UTC
Re: [Xen-users] has CVE-2010-3081 been patched in the xen.org kernels?
On Tue, September 28, 2010 2:00 pm, Luke S Crawford wrote:> there''s lots of talk of the Ac1db1tch3z exploit. has this been pached > in the xen.org dom0 kernels? the xcp kernels? I''ve been using the > /proc/sys/fs/binfmt_misc/register workaround but it''d be better to > properly > upgrade everything.Sorry if this has already been covered but for those who use CentOS-based dom0s I noticed the latest kernel has the fix as does RHEL. We use centos and gitco xen rpms so we should be OK now (fingers and toes crossed!). Cheers, Matt. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users