CVE-2023-6931

duinitouteng
Posts: 1
Joined: 2024/04/29 03:21:52

CVE-2023-6931

Post by duinitouteng » 2024/04/29 05:46:06

The scope of vulnerability impact for CVE-2023-6931 is Linux kernel 4.3 to 6.7; the CentOS 7.x series has kernel version 3.10.0-xxx. Is the CentOS 7.x series affected by the CVE-2023-6931 vulnerability?

TrevorH
Site Admin
Posts: 33240
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2023-6931

Post by TrevorH » 2024/04/29 09:11:34

https://access.redhat.com/security/cve/CVE-2023-6931

RHEL 7 is listed as "Out of support scope" which means it's too old and the vulnerability not important enough. It also says

    It is not possible to trigger this issue with the default kernel.perf_event_paranoid sysctl value 2. You may check it with:
    cat /proc/sys/kernel/perf_event_paranoid

The default value is 2 on CentOS 7.

jlehtone
Posts: 4540
Joined: 2007/12/11 08:17:33
Location: Finland

Re: CVE-2023-6931

Post by jlehtone » 2024/04/29 11:09:09

TrevorH wrote (2024/04/29 09:11:34):
    The default value is 2 on CentOS 7.

Seems to be the default in el8 and el9 too.

duinitouteng wrote (2024/04/29 05:46:06):
    The scope of vulnerability impact for CVE-2023-6931 is Linux kernel 4.3 to 6.7; CentOS 7.x series kernel version 3.10.0

TrevorH wrote (2024/04/29 09:11:34):
    RHEL 7 is listed as "Out of support scope"

While RHEL 6 is listed as "Not Affected". The el7 kernel was originally based on / forked from upstream 3.10.0. Red Hat has backported fixes and features to it (quite many over the decade). If the upstream kernel did not have the feature before 4.3, then the affected component in the el7 kernel is the result of a backport.

rpm -q --changelog kernel shows:

    * Wed Sep 10 2014 Jarod Wilson <jarod@redhat.com> [3.10.0-155.el7]
    - [tools] perf: Add perf_event_paranoid() (Jiri Olsa) [1133083]

RHEL 7.0 had kernel 3.10.0-123 and 7.1 had 3.10.0-229, and upstream kernel 4.3 was released in Nov 2015, so the feature (but not necessarily the vulnerability) was backported to the el7 kernel (during development of the el7_1 version) -- before it was officially in any upstream kernel.
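The two checks discussed in this thread (the perf_event_paranoid sysctl value that Red Hat says blocks the trigger, and the rpm changelog entry showing the perf_event_paranoid backport) combined into one POSIX sh script. This is an added example, not code from the thread or from Red Hat; the threshold of 2 comes from the Red Hat advisory text quoted above, and the sample changelog text is the one jlehtone posted, embedded here as constructed input.

```shell
#!/bin/sh
# Added example: assess the CVE-2023-6931 mitigation state on a host.
# Assumption: per the Red Hat CVE page quoted in this thread, a
# kernel.perf_event_paranoid value of 2 (or higher) prevents the trigger.

# classify_paranoid VALUE -> prints mitigated | exposed | unknown
# Exit status: 0 mitigated, 1 exposed, 2 unparseable input.
classify_paranoid() {
    case "$1" in
        ''|*[!0-9-]*|-|*?-*) echo "unknown"; return 2 ;;
    esac
    if [ "$1" -ge 2 ]; then
        echo "mitigated"; return 0
    fi
    echo "exposed"; return 1
}

# check_host [FILE] -> classify the live sysctl (or FILE, for testing)
check_host() {
    f="${1:-/proc/sys/kernel/perf_event_paranoid}"
    if [ ! -r "$f" ]; then
        echo "unknown"; return 2
    fi
    classify_paranoid "$(cat "$f")"
}

# has_backport CHANGELOG_TEXT -> true if the el7 changelog records the
# perf_event_paranoid backport (run as: has_backport "$(rpm -q --changelog kernel)")
has_backport() {
    printf '%s\n' "$1" | grep -q 'perf_event_paranoid'
}

# Constructed sample: the changelog lines quoted earlier in this thread.
SAMPLE_CHANGELOG='* Wed Sep 10 2014 Jarod Wilson <jarod@redhat.com> [3.10.0-155.el7]
- [tools] perf: Add perf_event_paranoid() (Jiri Olsa) [1133083]'

# Stand-alone run: report both facts about the current host.
if [ "${0##*/}" != "sh" ] && [ -z "$CVE_6931_NO_MAIN" ]; then
    printf 'perf_event_paranoid: %s\n' "$(check_host)"
    if has_backport "$SAMPLE_CHANGELOG"; then
        echo "sample changelog: perf_event_paranoid backport present"
    fi
fi
```

A value below 2 only means the advisory's stated mitigation is absent; whether the el7 kernel build actually contains the vulnerable code is the separate question jlehtone raises.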
