CVE-2020-10713
Re: CVE-2020-10713
Thank You for helping me out.
1 I ran dnf history
2. dnf undo <no> serially undoing it
3. same problem as before.
What I noticed is that while in grub menu while booting to choose the kernel. All the parameters to boot to a lvm is missing and I manually entered " GRUB_CMDLINE_LINUX="root=/dev/mapper/cl_server-root ro crashkernel=auto resume=/dev/mapper/cl_server-swap rd.lvm.lv=cl_server/root rd.lvm.lv=cl_server/swap".
Even after generating a new grub2 file by the command
# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
the command succeeds
but same problem after restart and then the kernel boots to Failed to Switch Root
and as rhgb quiet is not there the system is showing a lot of failed messages and it boots to graphical display after a long time.
Thanks War
1 I ran dnf history
2. dnf undo <no> serially undoing it
3. same problem as before.
What I noticed is that while in grub menu while booting to choose the kernel. All the parameters to boot to a lvm is missing and I manually entered " GRUB_CMDLINE_LINUX="root=/dev/mapper/cl_server-root ro crashkernel=auto resume=/dev/mapper/cl_server-swap rd.lvm.lv=cl_server/root rd.lvm.lv=cl_server/swap".
Even after generating a new grub2 file by the command
# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
the command succeeds
but same problem after restart and then the kernel boots to Failed to Switch Root
and as rhgb quiet is not there the system is showing a lot of failed messages and it boots to graphical display after a long time.
Thanks War
Re: CVE-2020-10713
I got my system back up with this: https://bugzilla.redhat.com/show_bug.cgi?id=1861977#c32
Hola that helps!
Hola that helps!
Nacho wrote: ↑2020/08/01 07:29:05My genius brother helped me activate network outside of chroot:
However I still didn't get to recover GRUB2Code: Select all
ip addr add <pick an IP-address, in my case 192.168.178.51/24> dev <name of your network controller, in my case eno2> ip link set dev <name of your network controller> up route add -net 0.0.0.0/0 gw <IP-address of your router>
![]()
I hope that helps!
Re: CVE-2020-10713
Boot with CentOS stick - Troubleshoot
chroot/sysimage
dhclient <your interface>
to get network access
nano /etc/yum.conf
exclude=grub2* shim* mokutil
/boot/efi/EFI/centos/shimx64.efi
replace by an older one taken from https://bugzilla.redhat.com/attachment.cgi?id=1702984
as published here: https://bugzilla.redhat.com/show_bug.cgi?id=1861977#c32
post from: Javier Martinez Canillas 2020-07-30 18:32:23 UTC
works
Wondering when to remove above mentioned yum exclusions?
chroot/sysimage
dhclient <your interface>
to get network access
nano /etc/yum.conf
exclude=grub2* shim* mokutil
/boot/efi/EFI/centos/shimx64.efi
replace by an older one taken from https://bugzilla.redhat.com/attachment.cgi?id=1702984
as published here: https://bugzilla.redhat.com/show_bug.cgi?id=1861977#c32
post from: Javier Martinez Canillas 2020-07-30 18:32:23 UTC
works
Wondering when to remove above mentioned yum exclusions?
Re: CVE-2020-10713
https://access.redhat.com/solutions/5272311 this apear resolve problem. i working on.
Re: CVE-2020-10713
Please note that there are currently no fixed CentOS packages for this so even though/if the RH KB article says it's fixed by updating to the latest, it is not yet on CentOS. RHEL have fixed packages out, CentOS do not. Yet.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
- warron.french
- Posts: 552
- Joined: 2014/03/27 20:21:58
Re: CVE-2020-10713
This is very helpful to know upfront. Thank you TrevorH for the information.
I received this link - https://access.redhat.com/solutions/5272311 from a buddy of mine, because he knew I was having this problem.
It looks like Nacho (with his brother's help made some progress on the networking issue).
Thanks,
War
War
Re: CVE-2020-10713
You might want to short cut the network issue since even if you do that, yum currently only knows this one kernel and you cannot downgrade. Grab a web browser on a different machine and a USB stick, download all of the previous versions of everything returned by rpm -qa --qf '%{name}\n' kernel\* grub2\* shim\* | sort | uniq onto that, plug it into the broken machine, mount it somewhere, cd to it then yum --disablerepo=\* downgrade *.rpm
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Re: CVE-2020-10713
I am told that new packages are in the process of being released. For CentOS 8 you will need shim packages with a version of 15-15.el8 or higher and it may be necessary to do a `yum clean all` before checking for new updates to pick it up. I'm not yet seeing this package on my local mirrors but the CentOS 7 one is there.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Re: CVE-2020-10713
My systems just tell me
bug fix available
shim-x64 15-15.el8_2
I'll give it a try on one of them
- looking good
so now done the other ones too
bug fix available
shim-x64 15-15.el8_2
I'll give it a try on one of them
- looking good
so now done the other ones too
-
- Posts: 1
- Joined: 2020/08/02 15:27:54
Re: CVE-2020-10713
deleted.
Last edited by groupboard on 2020/08/03 15:45:12, edited 1 time in total.