Hi was wondering if anyone was aware of fix/solution for the DirtyCred vulnerability affecting linux kernel versions 5.8 or higher.
i have a number of vyos routers running VyOS 1.4-rolling-202109030217 with kernel version 5.10.61-amd64-vyos
A short description about the vulnerability can be found here:
hoping to find a fix that wont cause a network outage
To be honest, I would say you have other security issues to think about with a rolling release of 1 year old.
But, thats just my $0,02.
And, from the original report:
It can be mitigated by those users who do not rely on cls_route, by adding 'install cls_route /bin/true' to their modprobe.conf or modprobe.d configs, in case it's built as a module.
On my VyOS 1.4 (20220824) the module isn’t even loaded so that fix should be safe.