Hello,
I appears that we still don't have a new kernel to fix the kernel
exploit that is going around. I have created SL_fix_bad_km that will
help mitigate the vulnerability.
This rpm does 3 things.
1 - Attempts to unload any affected kernel modules that have already
been loaded. This part hasn't been working to well, but I've stayed on
the safe side so I don't crash the computer.
2 - Moves all affected kernel modules into an area that the kernel
doesn't know about, so that they will not be loaded.
3 - Sends an email to root telling root what it has done.
Note1: This does *not* fix the kernel. It only moves kernel modules
that are currently known to be affected so that they will not be loaded.
Note2: This new version should only send one email out when installed.
The subject also has the hostname and status in it
To test or update
SL3
-------
yum -c
http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/yum.conf
install SL_fix_bad_km
or you can download the rpm by hand at
http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/i386/RPMS/fix/
http://ftp.scientificlinux.org/linux/scientific/30rolling/testing/x86_64/RPMS/fix/
SL4
-------
yum --enablerepo=sl-testing install SL_fix_bad_km
or you can download rpm's by hand at
http://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/fix/
http://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/fix/
SL5
-------
yum --enablerepo=sl-testing install SL_fix_bad_km
or you can download rpm's by hand at
http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/fix/
http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/fix/
Thanks
Troy Dawson
--
__________________________________________________
Troy Dawson [email protected] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
