CVE-2022-0847

Support for security such as Firewalls and securing linux
Post Reply
linuxenjoyer
Posts: 1
Joined: 2022/03/10 19:40:43

CVE-2022-0847

Post by linuxenjoyer » 2022/03/10 19:42:48

Is the CentOS Stream 8 kernel vulnerable to CVE-2022-0847? And if so, is there an ETA to resolve this or a proposed mitigation? I see no such information on official channels.

Thank you

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-0847

Post by TrevorH » 2022/03/10 20:42:28

The RHEL 8 fixed kernel came out about 4 hours ago.

Red Hat have previously stated that they will fix security problems in RHEL first as it is their primary target. They've never given any indication of when Stream security fixes will be released or even if they ever will. Their attitude seems to be you get it when you are given it and should be grateful when that happens. It is one of the reasons why many of us will never run Stream. I'd suggest searching out their FAQ about Stream security fixes as they use different words and the above is just my interpretation of it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-0847

Post by TrevorH » 2022/03/22 20:00:48

There was a kernel hit git.centos.org earlier today that lists this CVE as being fixed. It's being built/tested ready for release at some point, hopefully sooner rather than later.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply