Portal Home > Knowledgebase > Articles Database > Centos 6 / Rhel 6 == Security hole -- Privledge esclation (CVE-2012-0056)
Centos 6 / Rhel 6 == Security hole -- Privledge esclation (CVE-2012-0056)
Posted by Steven, 01-24-2012, 03:43 AM |
I didn't see anything about this on here so I am posting about it, to make people aware.
https://rhn.redhat.com/errata/RHSA-2012-0052.html
https://www.redhat.com/security/data...2012-0056.html
How to test if vuln
Ref: https://access.redhat.com/kb/docs/DOC-69129
Ksplice has an update out
|
Posted by SimplicityHarry, 01-24-2012, 01:47 PM |
I already posted about this in another thread... and if the lack of replies are anything to go by then nobody cares about this vulnerability, even though as severity goes it's a big one.
|
Posted by Steven, 01-24-2012, 01:50 PM |
I saw your thread after mine. Most people don't won't even pay attention to an issue like this if you don't flat out say it affects X operating system.
|
Posted by SPaReK, 01-24-2012, 02:19 PM |
I am wondering how many people are actually using CentOS 6 (not sure about RHEL) and are actually affected by this.
From what I've read a lot of people are skipping CentOS 6 or at least not upgrading to it just yet.
|
Posted by BiggyMike, 01-24-2012, 02:46 PM |
running centos 6.2 here openvz and not vulnerable at all
|
Posted by Steven, 01-24-2012, 02:53 PM |
Centos 6 is a learning curve for some people so they have not upgraded.
Almost everything we have deployed in the last couple months has been Cent6/Rhel6/Sci6.
|
Posted by hb9aj4fn, 01-24-2012, 04:04 PM |
I am running CentOS 6.2, but I can't find any update for this security issue on http://www.mail-archive.com/centos-a.../maillist.html
I would expect them to release the update from Redhat very soon?
|
Posted by Steven, 01-24-2012, 04:22 PM |
Centos will release it when they get around to it. They are not always the fastest.
|
Posted by hb9aj4fn, 01-24-2012, 04:44 PM |
Thanks. I just received updates from CentOS mailing list on my RSS feed, and finally they have released the fix: http://www.mail-archive.com/centos-a.../msg06380.html
Hope it will not take long syncing to the mirrors - waiting for it in yum ...
|
Posted by wartungsfenster, 01-24-2012, 05:40 PM |
Well, if CentOS 6 is affected then is it paranoid to assume this is not at all something limited to kernels above 2.6.37, but instead goes back to older ones?
|
Posted by brianoz, 01-24-2012, 07:07 PM |
All our servers are running 2.6.18 and thus not affected (this only affects 2.6.37+, if I've understood correctly?)
|
Posted by SimplicityHarry, 01-25-2012, 10:44 AM |
That is correct.
|
Add to Favourites Print this Article
Also Read