Hi – Looking at
I have just tried this on a fully patched 6.4 box and it seems vulnerable –
Do other see the same?
Yep, works also on my CentOS 6.4 box.
Did anyone try 6.x other than 6.4 what I mean? I don’t have the server to try right now.
Yes. Reported earlier in this forum thread (with additional info):
Is this 6.4 only or does it work on 5.9 also?
14.5.2013 19.25 “Tom Brown” kirjoitti:
Announced in that thread:
CentOSPlus *test* kernel with the patch is now available from:
It was confirmed to work. Only the 64-bit kernel is provided because the 32-bit kernel is not affected.
NOTE: This is _not_ an official release by CentOS. The distro kernel with the patch may be released later.
Here is the most recent distro kernel with just the patch linked from the RH Bugzilla. This fixed the issue on our test platforms:
Note: This is signed by the CentOS-6 test key and it is provided as a best effort option to mitigate the above security issue while waiting for an upstream solution. It is not an official CentOS package and needs to be fully tested for fitness by each user before used in production.
Thanks, Johnny Hughes