CVE-2018-14634 And Kernel-debuginfo ?
The current mitigation for CVE-2018-14634 is a systemtap script mentioned here:
https://access.redhat.com/security/cve/cve-2018-14634
It also mentions that one can build a kernel module to distribute to other machines, but in any case one needs the corresponding debuginfo packages to do either.
After enabling CentOS-Debug.repo, what I get is:
kernel-debuginfo-2.6.32-754.3.5.el6.CentOS.plus.x86_64
which doesn’t match, since I’m not running the CentOS.plus kernel, so the systemtap script fails (tested only on CentOS 6 for the moment).
Is there some way to get kernel-debuginfo-2.6.32-754.3.5.el6.x86_64?
Thanks for any help.
Cheers, Zube
3 thoughts on - CVE-2018-14634 And Kernel-debuginfo ?
You can find it here:
http://debuginfo.CentOS.org/6/x86_64/
Because yum thinks the CentOS.plus version is newer, you’d need to manually download and install it.
Akemi
Thanks. That was very helpful.
Cheers, Zube
Worst case use the full name:
yum install kernel-debuginfo-2.6.32-754.3.5.el6.x86_64
/mark