kernel: descendant's dumpable setting with certain SUID binaries Reference: [https://www.openwall.com/lists/oss-security/2021/10/20/2] ========Wind River Notice======== [Mitigation] According to the solution from SUSE[1] 's bug tracking system[2], this exploit can be mitigated using a workaround: Change /proc/sys/kernel/core_pattern to an absolute, safe directory (this way, logrotate cannot be triggered). Ref: [1] [https://www.suse.com/security/cve/CVE-2021-3864.html] [2] [https://bugzilla.suse.com/show_bug.cgi?id=1191281]
