Applying a patch for kernel vulnerability issue
Issue
- Openstack overcloud servers (or almost) are affected by a vulnerability linked to a kernel component (CVE-2017-1000253). The vulnerability relates to Linux kernel packages provided with Red Hat Enterprise Linux 7 with version 3.10.0-693. Therefore on all servers currently hosting the Openstack platform we should run the patches by performing an update. Before doing a complete update, as a temporary workaround we could apply the following mitigation:
Environment
- Red Hat OpenStack Platform Version 10.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.