Deployed ce94068 with MkDocs version: 1.5.3

issues/CVE-2024-1086/index.html

@@ -733,17 +733,17 @@
 <p>Both EL9 and EL8 are affected. We will of course rebuild upstream's fix as soon as it arrives.</p>
 <h2 id="mitigation">Mitigation<a class="headerlink" href="#mitigation" title="Permanent link">&para;</a></h2>
 <p>Meanwhile, we recommend two mitigations:</p>
-<ol>
+<ul>
 <li>If you don't use containers, we recommend that you disable user namespaces e.g. by running the below commands as root:</li>
-</ol>
+</ul>
 <div class="highlight"><pre><span></span><code>echo user.max_user_namespaces=0 &gt; /etc/sysctl.d/userns.conf
 sysctl -p /etc/sysctl.d/userns.conf
 </code></pre></div>
 <p>This is a mitigation also suggested by Red Hat.
 It is expected to fully mitigate this and other/future related vulnerabilities.</p>
-<ol>
+<ul>
 <li>Install our <a href="../../packages/lkrg/">package of LKRG</a>, start and enable the service.</li>
-</ol>
+</ul>
 <p>This does not fully mitigate the vulnerability,
 but it reliably prevents the specific exploit referenced above from working and produces LKRG alerts when the exploit is run.
 LKRG's feature that does so is its allow list for the kernel's usermodehelper.