AVG-2747 - log back

AVG-2747 edited at 21 Mar 2023 21:11:04
Advisory qualified
- Yes
+ No
AVG-2747 created at 25 May 2022 19:31:41
Packages
+ linux-hardened
Issues
+ CVE-2022-1729
Status
+ Fixed
Severity
+ High
Affected
+ 5.17.9.hardened1-1
Fixed
+ 5.17.10.hardened1-1
Ticket
Advisory qualified
+ Yes
References
Notes
+ By default, for linux-hardened, an unprivileged user can't trigger an attack. To prevent the possibility of an unprivileged users' attack, set kernel.perf_event_paranoid to the value 3.
+ To confirm the current state, inspect the sysctl with the command:
+
+ cat /proc/sys/kernel/perf_event_paranoid
+
+ The setting >=3 would mean that unprivileged users can not use performance events, mitigating the flaw.