[Users] Re: New kernel vuln...
Michael Stauber
mstauber at blueonyx.it
Wed Sep 2 10:49:20 EDT 2009
Hi Benny,
> > The exploit allows an unprivileged user to gain root access. However: The
> > exploit (as is) *only* works on the master node. NOT inside a VE.
>
> That is a very weak assurance. The failure of a specific implementation
> of an attack means very little.
True. And that's why I felt a little more secure after I patched my OpenVZ
kernels myself.
> Indeed. We attempted to move from Fedora to CentOS for a few servers.
> Lack of security updates got that attempt cancelled.
Well, this time around the CentOS team did one of their best turn arounds.
They released the patched CentOS5 Kernel on the same day as RedHat. But
unfortunately it was RedHat which sat on it for two weeks.
--
With best regards
Michael Stauber
More information about the Users
mailing list