Hello, I appears that we still don't have a new kernel to fix the kernel exploit that is going around. I have created SL_fix_bad_km that will help mitigate the vulnerability. This rpm does 3 things. 1 - Attempts to unload any affected kernel modules that have already been loaded. This part hasn't been working to well, but I've stayed on the safe side so I don't crash the computer. 2 - Moves all affected kernel modules into an area that the kernel doesn't know about, so that they will not be loaded. 3 - Sends an email to root telling root what it has done. Note1: This does *not* fix the kernel. It only moves kernel modules that are currently known to be affected so that they will not be loaded. Note2: This new version should only send one email out when installed. The subject also has the hostname and status in it To test or update SL3 ------- yum -c http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/yum.conf install SL_fix_bad_km or you can download the rpm by hand at http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/i386/RPMS/fix/ http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/x86_64/RPMS/fix/ SL4 ------- yum --enablerepo=sl-testing install SL_fix_bad_km or you can download rpm's by hand at http://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/fix/ http://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/fix/ SL5 ------- yum --enablerepo=sl-testing install SL_fix_bad_km or you can download rpm's by hand at http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/fix/ http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/fix/ Thanks Troy Dawson -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________
