security
/
wiki
generated from sig_core/wiki-template
8
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'issues/CVE-2024-1086.md: Hopefully fix mitigations list formatting' (#28) from solardiz-patch-26 into main
mkdocs build / build (push) Successful in 28s Details 

Reviewed-on: #28
Reviewed-by: Neil Hanlon <neil@noreply@resf.org>
This commit is contained in:
Neil Hanlon 2024-03-28 19:37:45 +00:00
parent f91c83801a f799941890
commit ce94068981
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/issues/CVE-2024-1086.md
View File

@ -22,7 +22,7 @@ Both EL9 and EL8 are affected. We will of course rebuild upstream's fix as soon
Meanwhile, we recommend two mitigations:
1. If you don't use containers, we recommend that you disable user namespaces e.g. by running the below commands as root:
- If you don't use containers, we recommend that you disable user namespaces e.g. by running the below commands as root:
```
echo user.max_user_namespaces=0 > /etc/sysctl.d/userns.conf
@ -32,7 +32,7 @@ sysctl -p /etc/sysctl.d/userns.conf
This is a mitigation also suggested by Red Hat.
It is expected to fully mitigate this and other/future related vulnerabilities.
2. Install our [package of LKRG](../packages/lkrg.md), start and enable the service.
- Install our [package of LKRG](../packages/lkrg.md), start and enable the service.
This does not fully mitigate the vulnerability,
but it reliably prevents the specific exploit referenced above from working and produces LKRG alerts when the exploit is run.