CentOSPlus kernel that mitigates CVE-2014-4699 now available

Saturday, 19 July 2014 | Akemi Yagi | kernel, security

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.

This issue affects CentOS-6 and -7 kernels. An upstream fix has now been applied to the CentOSPlus kernels.
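What "non-canonical value for the saved RIP" means, as an added example that is not CentOS or kernel code: a small model that classifies an address and only allows the fast (non-IRET) return when the saved RIP is canonical. It assumes 48-bit virtual addresses; the function names and sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Illustrative model only, not kernel code. Assumes 48-bit virtual
 * addresses (4-level paging); all names here are hypothetical. */
#define VA_BITS 48

enum ret_path { RET_FAST, RET_IRET };

/* Canonical means bits 63..47 are all equal (sign extension of bit 47). */
static int is_canonical(uint64_t addr)
{
    uint64_t top = addr >> (VA_BITS - 1);          /* bits 63..47 */
    return top == 0 || top == (UINT64_MAX >> (VA_BITS - 1));
}

/* Take the fast (non-IRET) return only when the saved RIP is canonical. */
static enum ret_path choose_return_path(uint64_t saved_rip)
{
    return is_canonical(saved_rip) ? RET_FAST : RET_IRET;
}

int main(void)
{
    /* Constructed sample values around the canonical boundaries. */
    static const uint64_t samples[] = {
        0x0000000000400000ULL,   /* ordinary user-space address */
        0x00007FFFFFFFFFFFULL,   /* highest canonical lower-half address */
        0x0000800000000000ULL,   /* first non-canonical address */
        0xFFFF7FFFFFFFFFFFULL,   /* last non-canonical address */
        0xFFFF800000000000ULL,   /* lowest canonical upper-half address */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t rip = samples[i];
        printf("%#018llx  %-13s -> %s\n", (unsigned long long)rip,
               is_canonical(rip) ? "canonical" : "non-canonical",
               choose_return_path(rip) == RET_FAST ? "fast return" : "IRET");
    }
    return 0;
}
```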



One thought on "CentOSPlus kernel that mitigates CVE-2014-4699 now available"

  1. Andre Gompel says:

    1) CentOS 7 install is buggy (GRUB assigns the wrong UUID)

    2) So far, no Broadcom package is available for WiFi (broadcom-wl-xxxx.rpm); the Fedora package does not install.

    Several HP and Dell notebooks use the Broadcom chip. And Broadcom does not provide a package anymore (the source build+install is overly complex).
