SCIENTIFIC-LINUX-USERS Archives

October 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From:
Reply To:
Date: Sat, 22 Oct 2016 12:52:03 -0700
Content-Type: text/plain
On Sat, 22 Oct 2016, Akemi Yagi wrote:

> On Sat, Oct 22, 2016 at 10:58 AM, Andrew Z <[log in to unmask]> wrote:
>> Pat and team,
>> Do we have an estimate on the world shattering vulnerability?
>
> As you are aware, this depends on how soon upstream (Red Hat) releases
> the updated RHEL kernels. Here is one reply from a RH person:
>
> "I apologize but we can't provide a time frame around releases for
> security fixes. We are, as you mentioned, of course working diligently
> to address this issue as quickly as possible."
>
> https://access.redhat.com/security/vulnerabilities/2706661#comment-1111661
>
> Akemi

As well, the importance of this vulnerability hinges on user access;
in SANS newsbites yesterday, one of the editors made this remark
about this kernel vulnerability (branded by the person(s) who raised
the issue: "Dirty Cow"):

    This is a privilege escalation vulnerability that was introduced in Linux
    about 11 years ago. An exploit has been used in some attacks to take
    advantage of this vulnerability, but the exploit has not been made
    public yet. Systems based on RedHat ES 5 and 6, which are vulnerable,
    appear to be not susceptible to the exploit as this particular exploit
    requires write access to /proc/self/mem. Given that this exploit
    requires user access, and the actual exploit is only in limited
    distribution (but this may change soon), "branding" this exploit is
    hyping a minor and common vulnerability and only serves to distract
    administrators from more important tasks. Deal with patches for this
    vulnerability like you would deal with any other kernel patch.

https://www.sans.org/newsletters/newsbites/xviii/84

cheers, etc.
-- 
deatrich @ triumf.ca, Science/ATLAS         PH: +1 604-222-7665
<*> This moment's fortune cookie:
Happiness isn't something you experience; it's something you remember.
 		-- Oscar Levant
