Re: [CentOS] CVE-2018-14634 and kernel-debuginfo ?

[Mark Milhollan]

On Tue, 25 Sep 2018, Zube wrote:

>Is there some way to get kernel-debuginfo-2.6.32-754.3.5.el6.x86_64?

Worst case use the full name:

yum install kernel-debuginfo-2.6.32-754.3.5.el6.x86_64


/mark
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CVE-2018-14634 and kernel-debuginfo ?

[Zube]

On Tue Sep 25 04:50:19 PM, Akemi Yagi wrote:

> You can find it here:
> 
> http://debuginfo.centos.org/6/x86_64/
> 
> Because yum thinks the centos.plus version is newer, you'd need to
> manually download and install it.

Thanks.  That was very helpful.

Cheers,
Zube
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CVE-2018-14634 and kernel-debuginfo ?

[Akemi Yagi]

On Tue, Sep 25, 2018 at 11:48 AM Zube  wrote:
>
> The current mitigation for CVE-2018-14634 is a systemtap script
> mentioned here:
>
> https://access.redhat.com/security/cve/cve-2018-14634
>
> It also mentions that one can build a kernel module to distribute
> to other machines, but in any case one needs the corresponding
> debuginfo packages to do either.
>
> After enabling CentOS-Debug.repo, what I get is:
>
> kernel-debuginfo-2.6.32-754.3.5.el6.centos.plus.x86_64
>
> which doesn't match, since I'm not running the centos.plus kernel,
> so the systemtap script fails (tested only on CentOS 6 for the moment).
>
> Is there some way to get kernel-debuginfo-2.6.32-754.3.5.el6.x86_64?
>
> Thanks for any help.
>
> Cheers,
> Zube

You can find it here:

http://debuginfo.centos.org/6/x86_64/

Because yum thinks the centos.plus version is newer, you'd need to
manually download and install it.

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos