[Beowulf] Heads up - local root exploit in Linux kernel (CVE-2017-6074)
samuel at unimelb.edu.au
Wed Feb 22 18:27:03 PST 2017
Just a heads up that a local root exploit has been announced in the DCCP
stack in the Linux kernel going back quite a way (2005/2006). Having it
compiled as a module (as most kernels do) doesn't help as it will
auto-load when a user tries to call into it.
Red Hat info (includes work-around):
the RHEL work around is to disable loading that module with:
echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf
but there are also new kernels out.
Good luck folks!
Christopher Samuel Senior Systems Administrator
Melbourne Bioinformatics - The University of Melbourne
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
More information about the Beowulf