Here is a list of affected/fixed Debian version: https://security-tracker.debian.org/tracker/CVE-2022-0185
Looks like buster/stretch aren’t affected…? > 21/01/2022 18:01、Russell Coker via luv-main <[email protected]>のメール: > > TLDR: For a typical user the only thing to do to maintain a secure system > with > normal functionality is to install the latest kernel update. > > > https://access.redhat.com/security/cve/CVE-2022-0185 > > This explanation of the bug with kernel namespaces is inadequate. If you > disable user namespaces then systemd functionality will be impacted. All > systemd users are using namespaces without really noticing it, it's not > limited to people running Docker or similar things. > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940933 > > Above is a bug report related to disabling such functionality. I encountered > this issue after installing the hardening-runtime package in Debian which in > it's default configuration disables such namespaces as a preventative > measure. > Obviously this CVE proved the benefit in the hardening-runtime package but > also maintaining system functionality is a good thing. > > For Debian/Bullseye the package linux-image-5.10.0-11-amd64 has the fix for > this. > > -- > My Main Blog http://etbe.coker.com.au/ > My Documents Blog http://doc.coker.com.au/ > > _______________________________________________ > luv-main mailing list -- [email protected] > To unsubscribe send an email to [email protected]
_______________________________________________ luv-main mailing list -- [email protected] To unsubscribe send an email to [email protected]
