Upstream fix if anyone wants to try rolling their own:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

On Thu, Oct 20, 2016 at 2:13 PM, Steven Haigh wrote:
> (Reproduced below)
>
> Red Hat Product Security has been made aware of a vulnerability in the
> Linux kernel that has been assigned CVE-2016-5195. This issue was
> publicly disclosed on October 19, 2016 and has been rated as Important.
>
> Background Information
>
> A race condition was found in the way the Linux kernel's memory
> subsystem handled the copy-on-write (COW) breakage of private read-only
> memory mappings. An unprivileged local user could use this flaw to gain
> write access to otherwise read-only memory mappings and thus increase
> their privileges on the system.
>
> This could be abused by an attacker to modify existing setuid files with
> instructions to elevate privileges. An exploit using this technique has
> been found in the wild.
>
> Impacted Products
>
> The following Red Hat Product versions are impacted:
>
> Red Hat Enterprise Linux 5
> Red Hat Enterprise Linux 6
> Red Hat Enterprise Linux 7
> Red Hat Enterprise MRG 2
>
> Attack Description and Impact
>
> This flaw allows an attacker with a local system account to modify
> on-disk binaries, bypassing the standard permission mechanisms that
> would prevent modification without an appropriate permission set. This
> is achieved by racing the madvise(MADV_DONTNEED) system call while
> having the page of the executable mmapped in memory.
>
> Take Action
>
> All Red Hat customers running the affected versions of the kernel are
> strongly recommended to update the kernel as soon as patches are
> available. Details about impacted packages as well as recommended
> mitigation are noted below. A system reboot is required in order for the
> kernel update to be applied.
>
> Mitigation
>
> Please reference bug 1384344 for detailed mitigation steps.
>
> Updates for Affected Products
>
> A kpatch for customers running Red Hat Enterprise Linux 7.2 or greater
> is available. Please open a support case to gain access to the kpatch.
>
> ----------- END ADVICE -----------
>
> Possible mitigation for the issue:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13
>
> There are currently no fixed packages available anywhere to resolve this.
>
> --
> Steven Haigh
>
> Web: https://www.crc.id.au
> Phone: (03) 9001 6090 - 0412 935 897
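
Added example (not part of the original thread or of the Red Hat advisory): the advisory describes modification of setuid binaries that bypasses the standard permission mechanisms, so one defensive check is to baseline content digests of setuid/setgid files and compare them later rather than trusting file metadata. The function names and the constructed sample file are assumptions made for illustration.

```python
import hashlib
import os
import stat
import tempfile

def sha256_file(path, chunk=1 << 16):
    """Hash file contents; metadata (mtime, size, mode) is deliberately ignored."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def setid_baseline(root):
    """Map each setuid/setgid regular file under root to its SHA-256 digest."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                baseline[path] = sha256_file(path)
    return baseline

def changed_files(baseline, root):
    """Paths added, removed, or whose contents differ from the baseline."""
    current = setid_baseline(root)
    return sorted(p for p in baseline.keys() | current.keys()
                  if baseline.get(p) != current.get(p))

def demo():
    """Constructed sample: a fake setuid file altered with size and mtime kept."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "fake_su")      # hypothetical file name
        with open(target, "wb") as f:
            f.write(b"ORIGINAL-BYTES")
        os.chmod(target, 0o4755)
        before = setid_baseline(root)
        st = os.stat(target)
        with open(target, "r+b") as f:
            f.write(b"TAMPERED-BYTES")              # same length as the original
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))
        os.chmod(target, 0o4755)    # an unprivileged write may clear the setuid bit
        now = os.stat(target)
        same_meta = (st.st_size, st.st_mtime_ns) == (now.st_size, now.st_mtime_ns)
        return same_meta, [os.path.basename(p) for p in changed_files(before, root)]

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it was taken from a known-good state and is stored where a local user cannot alter it.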