Details
On 2 September 2020, vulnerability CVE-2020-14386 was made public, disclosing a memory corruption problem with the Linux kernel. More details on this can be found at the following URL:
https://access.redhat.com/security/cve/cve-2020-14386
Currently this only effects RHEL8 systems so if you are using CentOS 7 or RHEL 7 you are not vulnerable.
Additionally, if you are running the KernelCare software on your system, there is already a patch available, with more details here:
https://blog.kernelcare.com/patch-cve-2020-14386-without-reboot-with-kernelcare
Testing
If you are using RHEL8 or CentOS 8 you can run the following command to confirm if your system is vulnerable:
# sysctl user.max_user_namespaces
user.max_user_namespaces = 15000
Any value reported here other than "0" would indicate the system is vulnerable. Until an updated kernel is available, setting that value to "0" will effectively mitigate the issue.
Comments
0 comments
Article is closed for comments.