DCCP Linux Kernel local privilege escalation vulnerability (CVE-2017-6074)

A vulnerability has been found in the DCCP Linux kernel module which allows a local, unprivileged user to escalate privileges on a Linux system. DCCP is used to manage network traffic congestion in the application layer.

This issue affects Red Hat and CentOS releases 5, 6, and 7, as well as other Linux distributions. You should update your Kernel as soon as possible.

To mitigate without a Kernel upgrade, run the following command and reboot your system:

echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf

This will disable the DCCP module from loading on boot.

More information can be found here on Red Hat’s website.

Red Hat 7 Get back eth Network Device Names

On installation of Red Hat or CentOS 7, boot the Anaconda installer with net.ifnames=0 parameter.

On installer boot, hit the esc key.

anaconda-1

On the “boot” prompt, enter linux net.ifnames=0 and hit enter. The installer will now boot.

anaconda-2

Go into the network settings in the installer, and you should now see your network devices named eth0, eth1, etc.

anaconda-3

CentOS 6.3 Released

CentOS has released version 6.3 of their rebuild of the Red Hat enterprise Linux distribution.  This release announcement should be a surprise to most users, as the CentOS team was able to rebuild RHEL 6.3 for CentOS release in under 3 weeks!  Good work guys and our sincere congratulations from the San Diego Linux team.

H-Online has a great article about the new features in RHEL 6.3.  Most, if not all, features are available in CentOS 6.3.

 

You can read the full release announcement here.

You can read the full release notes here.