Red Hat Security Blog: February 2017 archives

  • Debugging a kernel in QEMU/libvirt - Part II

    This blog has previously shown how to configure a Red Hat Enterprise Linux system for kernel debugging, it expects that the system has been configured, have the source code matching the installed kernel version handy, and the reader is ready to follow along. This should not be running on a productions system as system function interruption is guaranteed. The particular problem that will be investigated is CVE-2016-9793. As discussed on the Oss-security list, this vulnerability was classified...
    Posted 2017-02-24T14:30:00+00:00 - 0
  • Do you know where that open source came from?

    Last year, while speaking at RSA, a reporter asked me about container provenance. This wasn’t the easiest question to answer because there is a lot of nuance around containers and what’s inside them. In response, I asked him if he would eat a sandwich he found on the ground. The look of disgust I got was priceless, but it opened up a great conversation. Think about it this way: If there was a ham sandwich on the ground that looked mostly OK, would you eat it? You can clearly see it’s a ham...
    Posted 2017-02-08T14:30:00+00:00 - 0