Index of /experimental/cve_2016_5195

Icon  Name                                             Last modified      Size  Description
[PARENTDIR] Parent Directory - [DIR] repodata/ 2016-10-23 00:54 - [   ] cve_2016_5195-debuginfo-0.3-1.centos6.x86_64.rpm 2016-10-23 00:53 2.1K [   ] cve_2016_5195-0.3-1.slc6.x86_64.rpm 2016-10-21 16:26 37K [   ] 2016-10-21 16:26 39K [   ] cve_2016_5195-0.3-1.centos6.x86_64.rpm 2016-10-23 00:53 34K [   ] cve_2016_5195-0.3-1.centos6.src.rpm 2016-10-23 00:53 142K
Partial CVE-2016-5195 mitigations for the original exploit

With thanks to Vincent Brillault @CERN!

This implements the partial mitigation as described in
packaged up to depend on systemtap-runtime only.
This contains the CentOS6 builds (2.6.32-642+ series) that were done
and minimally tested at Nikhef. 
And, yes, they WILL taint your kernel, as I cannot sign them with the CentOS
key for obvious reasons ;-)

Original work
For CentOS 7:
For SLC6:
for the original sources and details, as well as for the SLC6/CC7 builds.

Included modules

Check if it works
The following should appear in the dmesg output (or your messages syslog):

cve_2016_5195: systemtap: 2.9/0.164, base: ffffffffa04b5000, memory: 95data/36text/80ctx/2058net/33alloc kb, probes: 4
CVE-2016-5195 mitigation loaded