Security Advisory: Important Linux Kernel Vulnerability
Posted by Kevin Stange on 24 October 2016 01:39 PM |
|
Update: This advisory has been updated with information for users running CentOS 5. No other information has been changed, however if you have not yet taken action, we encourage you to do so as soon as possible. Important Note: CentOS 5 will reach its end of life on March 31, 2017, at which point security updates will no longer be produced. We strongly recommend upgrading to a newer version of CentOS before this date. Upgrading to CentOS 7 will provide support through June 30, 2024. Please contact support if you'd like to plan an upgrade. A vulnerability has recently been disclosed in the Linux kernel which affects all supported Linux systems running any distribution. This vulnerability is serious and may allow a remote exploit or local user to cause privilege escalation, resulting in root access to your server. A working example of the exploit has already been publicly disclosed, thus no advanced knowledge of the Linux kernel is required to gain root access once shell access has been obtained on the target system. The CVE entry for this vulnerability may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 Windows users are unaffected by this vulnerability. We have not evaluated the status of Linux distributions or versions not mentioned here. You should consult your distribution's security documentation to determine if your distribution is vulnerable and how to apply the update. It is especially important to upgrade your kernel if your system provides multi-user services via shell accounts, jail or container-based virtualization, or dynamic web sites. Updates which fix this vulnerability and other security issues and bugs are available immediately for most systems. CentOSCentOS has patched this vulnerability as of:
To verify your system is running the correct kernel, run the following command: uname -r The version should be greater than or equal to the following, depending on your distribution:
If your version does not match, please run the following command and ensure an update to the kernel package is included: yum -y update kernel If no update is available, please try the following commands, then repeat the command above: yum clean metadata These commands will remove cached update information and force your server to use our mirror server, which is known to already contain the updated kernel version. After the upgrade processes, you should reboot your system as soon as possible. Red Hat published the following advisories regarding this vulnerability:
DebianDebian has patched this vulnerability as of October 20th, 2016. To verify your system is running the correct kernel, run the following command: uname -v The version (appearing after "#1 SMP Debian") should be greater than or equal to the following, depending on your distribution:
If your version does not match, please run the following command and ensure an update to the kernel package is included: apt-get update If no update is available, please try the following commands, then repeat the commands above: curl -s mirror.steadfast.net/mirrorize | bash This command will force your server to use our mirror server, which is known to already contain the updated kernel version. After the upgrade processes, you should reboot your system as soon as possible. Debian published the following advisories regarding this vulnerability:
Public CloudTemplates with the updated kernels for the Steadfast Public Cloud were made available on Monday, October 24th - 26th for new VMs. Be sure to update any VMs provisioned before that date as soon as possible using the directions above. If you have any questions or need assistance performing these upgrades, please contact us and we'll be happy to help. | |