CVE-2019-8912

General support questions
Post Reply
jimccomfort
Posts: 3
Joined: 2022/09/20 13:44:16

CVE-2019-8912

Post by jimccomfort » 2022/09/20 13:48:59

Is there an official CENTOS 7 kernel version that resolves vulnerability CVE-2019-8912? Running kernel version 3.10.0-1160.76.1.el7.x86_64 and trying to avoid EL repo, if possible. Looking for community guidance here and want to stay with CENTOS.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2019-8912

Post by TrevorH » 2022/09/20 14:06:31

https://access.redhat.com/security/cve/CVE-2019-8912

"Red Hat Enterprise Linux 7 kernel Not affected"
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

jimccomfort
Posts: 3
Joined: 2022/09/20 13:44:16

Re: CVE-2019-8912

Post by jimccomfort » 2022/09/20 16:59:08

ok, think I took care of the issue. I had the old kernel installed and not in use. After I removed the old kernel, vulnerability cleared. :D

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2019-8912

Post by TrevorH » 2022/09/20 17:00:48

Red Hat say this vulnerability is not and never has been present on RHEL 7 (which is the source used to build CentOS so applies to it too).
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: CVE-2019-8912

Post by jlehtone » 2022/09/20 18:39:57

jimccomfort wrote:
2022/09/20 16:59:08
After I removed the old kernel, vulnerability cleared. :D
If the old kernel had no vulnerability (according to Red Hat), then your "vulnerability detection tool" does not actually detect vulnerabilities, but reports false positives based on some unreliable trivia. That makes one ask: how many true positives does it fail to detect.

jimccomfort
Posts: 3
Joined: 2022/09/20 13:44:16

Re: CVE-2019-8912

Post by jimccomfort » 2022/09/20 21:17:39

nope, issue is back. test server was not picked up for vulnerability reporting. I can assume this is a false postive, potentially, but not sure why it is getting picked up. If in kernel-alt and I am on x86_64 server, not sure why that would get flagged here.

Post Reply