1674026239 J * Ghislain ~ghislain@adsl2.aqueos.com 1674033198 M * Ghislain dam.... 4.9 EOL and a major privileges escalation in the kernel is out 1674033246 M * Ghislain ..that gain root access so very usefull to escape vserver 1674035210 M * Guy- Ghislain: link please 1674035405 M * Ghislain https://securityonline.info/cve-2023-0179-linux-kernel-privilege-escalation-vulnerability/ 1674035459 M * Ghislain well not sure this is this one it was in the podcast ISC stormcast 1674035768 M * Ghislain seems disabling CONFIG_VLAN_8021Q in the compiling of the kernel will prevent it 1674043496 M * Bertl I do not think that the 4.4 or 4.9 kernels have the necessary code paths for the exploit 1674046322 M * Ghislain not sure it seems this was in the kernel "for years", i just disabled the vlan 8021qas i dont use them in my kernels 1674046335 M * Ghislain i cant find a list of the kernel impacted 1674046804 M * Ghislain oh seems right f6ae9f1 "seems" to be from 2019, so not in 4.9 1674046835 M * Ghislain well i am releived 1674046838 M * Guy- CVE-2023-0179 is exploitable starting from commit f6ae9f1 up to commit 1674046842 M * Ghislain sorry for the false alarm 1674046860 M * Guy- ... 696e1a48b1a1. 1674046907 M * Ghislain well hard to know if the patch was included in the 4.9 update but reading the source code it seems not 1674047060 M * Guy- 4.9.336 doesn't appear to have the line with the misplaced plus sign 1674047130 M * Guy- the code looks different but the place where I think the newer kernels have the bug looks OK (I say this without having performed any deep analysis) 1674058988 M * Ghislain well Guy you have all night for that ! :p 1674059650 M * Guy- thank you, I really appreciate your patience :) 1674059847 M * Ghislain lol 1674059867 M * Ghislain you can just ask chatgpt.... 1674065044 M * Guy- yes, that always works: https://twitter.com/quintic/status/1611755277434462208/photo/1 :) 1674070027 Q * Ghislain Quit: Leaving.