Was there ever a Dirty COW patch released for 6.8? If so, where would I get the patch?
Thanks
Daryl
Dirty COW patch
-
- Posts: 519
- Joined: 2012/06/26 14:20:47
Re: Dirty COW patch
Run "yum update" which will get you all the current patches and updates.
Re: Dirty COW patch
NB and also update you from 6.8 to 6.9.
Re: Dirty COW patch
I think the patch came with kernel > 2.6.32.642 ?
so if you're running that or higher you're cool, otherwise yes
yum update kernel
so if you're running that or higher you're cool, otherwise yes
yum update kernel
Re: Dirty COW patch
I just got dirty cow'd with firefart... apparently the pokemon exploit of the dirtycow vulnerability.
Problem is, I am running on Centos 6.10 (Final).
Everything I have read suggests that there is no further upgrade path on Centos 6.
Will upgrading to Centos 7 patch this vulnerability?
https://github.com/FireFart/dirtycow/bl ... er/dirty.c
Problem is, I am running on Centos 6.10 (Final).
Everything I have read suggests that there is no further upgrade path on Centos 6.
Will upgrading to Centos 7 patch this vulnerability?
https://github.com/FireFart/dirtycow/bl ... er/dirty.c
Re: Dirty COW patch
It's already fixed and has been since
https://access.redhat.com/errata/RHSA-2016:2105 says it was fixed in kernel-2.6.32-642.6.2.el6.x86_64.rpm
The current CentOS 6 kernel is kernel-2.6.32-754.9.1.el6.x86_64 and that output is from rpm -q --changelog. What does uname -r say on the affected server? If it's less than 2.6.32-642.6.2 then it would have been vulnerable. If not then it wasn't.
https://access.redhat.com/security/cve/cve-2016-5195* Mon Oct 24 2016 Phillip Lougher <plougher@redhat.com> [2.6.32-665.el6]
- [mm] close FOLL MAP_PRIVATE race (Larry Woodman) [1385117] {CVE-2016-5195}
https://access.redhat.com/errata/RHSA-2016:2105 says it was fixed in kernel-2.6.32-642.6.2.el6.x86_64.rpm
The current CentOS 6 kernel is kernel-2.6.32-754.9.1.el6.x86_64 and that output is from rpm -q --changelog. What does uname -r say on the affected server? If it's less than 2.6.32-642.6.2 then it would have been vulnerable. If not then it wasn't.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke