[perfsonar-announce] RedHat CVE and New CentOS 6 Kernel
- From: Andrew Lake <>
- To: "" <>,
- Subject: [perfsonar-announce] RedHat CVE and New CentOS 6 Kernel
- Date: Thu, 13 Jul 2017 09:12:38 -0400
- Ironport-phdr: 9a23:9fkbeRUVl/WFS54kKuz8rCXzSBfV8LGtZVwlr6E/grcLSJyIuqrYZhaDt8tkgFKBZ4jH8fUM07OQ6P+wHzFYqb+681k8M7V0HycfjssXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aSV3DMl8/PunvFJXVic2tkv2p9of7YgNUiSC7bK8oahi6sE+Z4tEbm4V5LaA40F7UuXZSU+VQ2W5yI1+PxVDx6trmuNZ7/j5eoPUn/tQFWKP8eLk+RrFwDTI6Pnoz6dGx8xTPUFih/HwZB0wQngBFHEDh5RL3FsP4tCfrnudmni+XIZulHvgPRT2+4vIzG1fTgyAdOmth/Q==
A new kernel has veen released for CentOS6. The CVE with details can be found below:
A 'yum update' may give you a new non-web100 kernel and therefore break access to NDT/NPAD. Consult our FAQ for more info: http://www.perfsonar.net/about/faq/#Q25
Our read of the CVE does not find any issue of concern specific to the toolkit. Its possible the host may be vulnerable to some types of DoS attacks in some particular cases. If you are in doubt about your kernel, feel free to review the CVE, upgrade to the latest version, and forgo NDT/NPAD support for the time being. We are in the process of building and testing a new kernel, and will alert you when we have our web100 patched version available. We'll try to have it ready as soon as possible.
NOTE: The perfSONAR project will not be applying the web100 patch to any kernels released after October 17, 2017. This patch is only for CentOS 6 as the web100 patch is not compatible with the kernel released for CentOS 7.
Thank you for your patience,
The perfSONAR Team
- [perfsonar-announce] RedHat CVE and New CentOS 6 Kernel, Andrew Lake, 07/13/2017
Archive powered by MHonArc 2.6.19.