I'm curious about the status of kernel fixes for CVE-2018-8897 (POP SS) in CentOS, given that:
1. RHEL 7.5 is out, and RHEL 7.4 is moved to Extended Update Support (meaning that updated kernel packages won't make their way into CentOS 7.4)
2. CentOS 7.5 is not released yet, meaning that the RHEL 7.5 kernel fixes are not available yet.
I'm wondering about the specific case of CVE-2018-8897, but more broadly, is there some sort of time gap when a new RHEL version is released, during which security updates are not available to CentOS users?
CVE-2018-8897
Re: CVE-2018-8897
A new, 7.5's kernel can already be installed from the cr repository.
Yes, there is usually slight delay before the cr repo is populated after a RHEL release.
Yes, there is usually slight delay before the cr repo is populated after a RHEL release.
Re: CVE-2018-8897
https://wiki.centos.org/AdditionalResou ... itories/CR describes the problem and the solution.