View previous topic :: View next topic |
Author |
Message |
msulli1355 Apprentice
Joined: 24 Nov 2005 Posts: 179 Location: OKlahoma, USA
|
Posted: Tue Oct 25, 2016 12:21 am Post subject: Remove ulnerability To Dirty Cow [SOLVED] |
|
|
I saw a thread in the linux group at Yahoo yesterday about Dirty Cow. It made reference to the following website:
http://www.theregister.co.uk/2016/10/21/linux_privilege_escalation_hole/
I installed the Gentoo system I'm currently using last April. Am I vulnerable to this? I searched google for "gentoo, dirty cow" and didn't come up with anything. Also, I grepped glsa-check -d all for CVE-2016-5195 and came up empty on that as well. What do I need to do (if anything) to deal with this?
Last edited by msulli1355 on Tue Oct 25, 2016 9:39 pm; edited 1 time in total |
|
Back to top |
|
|
russK l33t
Joined: 27 Jun 2006 Posts: 665
|
Posted: Tue Oct 25, 2016 12:45 am Post subject: |
|
|
If you use gentoo-sources update to sys-kernel/gentoo-sources-4.4.26, it has the patch and it's been marked stable.
It's been talked about here: 1053368 |
|
Back to top |
|
|
msulli1355 Apprentice
Joined: 24 Nov 2005 Posts: 179 Location: OKlahoma, USA
|
Posted: Tue Oct 25, 2016 1:39 am Post subject: |
|
|
I'm running 4.5.1, so I should be okay, yes?
michael@caitlyn ~ $ uname -a
Linux caitlyn 4.5.1-gentoo #3 SMP Thu Jun 30 19:03:51 CDT 2016 x86_64 GNU/Linux |
|
Back to top |
|
|
Buffoon Veteran
Joined: 17 Jun 2015 Posts: 1369 Location: EU or US
|
Posted: Tue Oct 25, 2016 1:44 am Post subject: |
|
|
msulli1355 wrote: | I'm running 4.5.1, so I should be okay, yes?
michael@caitlyn ~ $ uname -a
Linux caitlyn 4.5.1-gentoo #3 SMP Thu Jun 30 19:03:51 CDT 2016 x86_64 GNU/Linux |
Nope. |
|
Back to top |
|
|
russK l33t
Joined: 27 Jun 2006 Posts: 665
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21631
|
Posted: Tue Oct 25, 2016 3:38 am Post subject: |
|
|
msulli1355 wrote: | I'm running 4.5.1, so I should be okay, yes?
michael@caitlyn ~ $ uname -a
Linux caitlyn 4.5.1-gentoo #3 SMP Thu Jun 30 19:03:51 CDT 2016 x86_64 GNU/Linux | Your kernel was built in June. The patch was written in October. You need a kernel that predates the bug (~2.6.22 if I understand correctly) or something patched within about the last week. I strongly recommend going forward, not backward. |
|
Back to top |
|
|
msulli1355 Apprentice
Joined: 24 Nov 2005 Posts: 179 Location: OKlahoma, USA
|
Posted: Tue Oct 25, 2016 9:39 pm Post subject: |
|
|
Now I"ve got 4.7.10, so I should be good now.
michael@caitlyn ~ $ uname -a
Linux caitlyn 4.7.10-gentoo #1 SMP Tue Oct 25 10:49:52 CDT 2016 x86_64 GNU/Linux |
|
Back to top |
|
|
|