CVE-2023-6931
CVE-2023-6931
The scope of vulnerability impact for CVE-2023-6931 is Linux kernel 4.3 to 6.7; the CentOS 7.x series kernel version is 3.10.0-xxx. Is the CentOS 7.x series affected by the CVE-2023-6931 vulnerability?
Re: CVE-2023-6931
https://access.redhat.com/security/cve/CVE-2023-6931
RHEL 7 is listed as "Out of support scope", which means it's too old and the vulnerability is not important enough. It also says:
It is not possible to trigger this issue with the default kernel.perf_event_paranoid sysctl value 2. You may check it with:
cat /proc/sys/kernel/perf_event_paranoid
The default value is 2 on CentOS 7.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
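The check described in the reply above, extended as an added example (not part of the original posts or of Red Hat's advisory): it classifies the running kernel.perf_event_paranoid value and also scans persistent sysctl files for a setting that would put it below 2. The function names, the `--live` switch and the list of directories scanned are choices of this example, and it assumes any value of 2 or higher is at least as restrictive as the default.

```shell
#!/bin/sh
# Added example (not from the thread): audit kernel.perf_event_paranoid,
# both the running value and persistent sysctl files that would change it.
# Assumption: a value >= 2 is at least as restrictive as the default of 2.

# classify VALUE -> prints restricted | relaxed | invalid
classify() {
    case "$1" in
        ''|-|*[!0-9-]*|?*-*) echo invalid ;;
        *) if [ "$1" -ge 2 ]; then echo restricted; else echo relaxed; fi ;;
    esac
}

# find_overrides ROOT -> prints "VALUE FILE" for each persistent setting
find_overrides() {
    for f in "$1"/etc/sysctl.conf "$1"/etc/sysctl.d/*.conf \
             "$1"/usr/lib/sysctl.d/*.conf "$1"/run/sysctl.d/*.conf; do
        [ -f "$f" ] || continue
        awk -v f="$f" '
            /^[ \t]*[#;]/ { next }                      # comment line
            { line = $0; gsub(/[ \t]/, "", line); sub(/^-/, "", line)
              n = split(line, kv, "=")
              if (n == 2 && (kv[1] == "kernel.perf_event_paranoid" ||
                             kv[1] == "kernel/perf_event_paranoid"))
                  print kv[2], f }' "$f"
    done
}

# audit ROOT RUNTIME_VALUE -> returns 0 only if every value found is >= 2
audit() {
    rc=0
    state=$(classify "$2")
    echo "runtime value $2: $state"
    [ "$state" = restricted ] || rc=1
    while read -r val file; do
        [ -n "$file" ] || continue
        state=$(classify "$val")
        echo "$file sets $val: $state"
        [ "$state" = restricted ] || rc=1
    done <<EOF
$(find_overrides "$1")
EOF
    return "$rc"
}

# Check the live system only when asked to: sh script.sh --live
if [ "${1:-}" = "--live" ]; then
    audit "" "$(cat /proc/sys/kernel/perf_event_paranoid)"
fi
```

A non-zero exit status means the runtime value or at least one configuration file is below 2, so the condition quoted from the advisory would not hold on that host, now or after the next reboot.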
Re: CVE-2023-6931
Seems to be default in el8 and el9 too.
duinitouteng wrote: ↑2024/04/29 05:46:06
The scope of vulnerability impact for CVE-2023-6931 is Linux kernel 4.3 to 6.7; CentOS 7.x series kernel version 3.10.0
RHEL 6, meanwhile, is listed as "Not Affected". The el7 kernel was originally based on / forked from upstream 3.10.0. Red Hat has backported fixes and features to it. (Quite many over the decade.) If the upstream kernel did not have the feature before 4.3, then the affected component in the el7 kernel is a result of a backport.
rpm -q --changelog kernel shows:
* Wed Sep 10 2014 Jarod Wilson <jarod@redhat.com> [3.10.0-155.el7]
- [tools] perf: Add perf_event_paranoid() (Jiri Olsa) [1133083]