How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
No, CentOS does not work like that. When a new point release is made available, all updates for previous point releases stop. The next point release is the update. If you need to stay on a specific point release but still get security updates then you need to subscribe to the RHEL EUS program (and open your wallet).
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
So, fix for CentOS 6.x is not yet ready, correct? Been reading up on the wrong board (CentOS 7.x) and looks like theirs is already ready? (viewtopic.php?f=51&t=59782&start=20)
Thanks.
Thanks.
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
The above two messages were in relation to CentOS 6.7, which stopped being supported when 6.8 came out.
The kernel update for 6.8 was released early this morning (depending on your timezone) so you should get it with a simple yum update now.
The kernel update for 6.8 was released early this morning (depending on your timezone) so you should get it with a simple yum update now.
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
Thanks @avij. I'm on 6.8 and I've been doing yum updates/yum clean/etc (even did the rm -rf /var/cache/yum...) but I'm still on:
$ rpm -q kernel
kernel-2.6.32-358.11.1.el6.x86_64
kernel-2.6.32-358.18.1.el6.x86_64
kernel-2.6.32-431.11.2.el6.x86_64
kernel-2.6.32-642.6.1.el6.x86_64
kernel-2.6.32-642.6.2.el6.x86_64
Any thoughts?
Thanks.
$ rpm -q kernel
kernel-2.6.32-358.11.1.el6.x86_64
kernel-2.6.32-358.18.1.el6.x86_64
kernel-2.6.32-431.11.2.el6.x86_64
kernel-2.6.32-642.6.1.el6.x86_64
kernel-2.6.32-642.6.2.el6.x86_64
Any thoughts?
Thanks.
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
I updated earlier today
this command
$ rpm -q kernel
returns me the same info as you received
this command
$ uname -r
returns kernel-2.6.32-642.6.2.el6.x86_64
this command
$ rpm -q kernel
returns me the same info as you received
this command
$ uname -r
returns kernel-2.6.32-642.6.2.el6.x86_64
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
Did you check to make sure your entries in grub updated to the new kernel?
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
How to check @enjinn?
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
Use your favorite editor (vi, vim, nano, etc) and open /boot/grub/grub.conf. I would read this first https://wiki.centos.org/HowTos/GrubInstallation before you edit the file.
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
The fixed kernel for CentOS 6 is kernel-2.6.32-642.6.2.el6.x86_64 as can be verified by running rpm -q --changelog kernel-2.6.32-642.6.2.el6.x86_64 | grep CVE-2016-5195
If you want to check if you're actually running the fixed kernel then you can run rpm -q --changelog kernel-$(uname -r) | grep CVE-2016-5195 which should return the same output if you're running a fixed kernel or nothing if you are not.
Code: Select all
$ rpm -q --changelog kernel-2.6.32-642.6.2.el6.x86_64 | grep CVE-2016-5195
- [mm] close FOLL MAP_PRIVATE race (Larry Woodman) [1385116 1385117] {CVE-2016-5195}
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: How to fix "Dirty COW" on CentOS 6.8(linux 2.6.32)?
In other words..
Running uname -r shows which kernel version you are running. For the Dirty COW fix, you would need to be running 2.6.32-642.6.2 or newer.
rpm -q kernel shows which kernel versions are installed on your system. If you see kernel-2.6.32-642.6.2.el6 in the output, you have the fixed kernel installed. If this does not match what you are actually running (see above), try rebooting with shutdown -r now and run the uname -r check again.
Running uname -r shows which kernel version you are running. For the Dirty COW fix, you would need to be running 2.6.32-642.6.2 or newer.
rpm -q kernel shows which kernel versions are installed on your system. If you see kernel-2.6.32-642.6.2.el6 in the output, you have the fixed kernel installed. If this does not match what you are actually running (see above), try rebooting with shutdown -r now and run the uname -r check again.