you have a dedicated server
it runs on Linux
it is 64-bit
your server is hackable!
You NEED to update it! Do not wait!
The exploit, which provides the root is publicly
What to do?
Must update the kernel of your server.
- If you are in "total security":
you received an email from the Planning reboot
server, you have nothing to do
- If you are "netboot" / RPS / Cloud:
just reboot your server.
- If you're kernel Manual ":
you have the new kernels on
is the bzImage-184.108.40.206-xxxx
- If you compile:
on kernel.org sources are vulnerable. Must
patch. Only 2.6.36-RC4 is patched. (To be confirmed,
we were quickly checked).
After setting up the kernel you should see this:
Uname-a # *
XXXXXXX Linux 220.127.116.11-xxxx-std-ipv6-64 # 3 SMP Fri September 17
We must see 18.104.22.168.
PS. Now there is only one nucleus (IPv4 IPv6)
A security vulnerability (CVE-2010-3301) to obtain
local root privilege has been (re) discovery
at the 32bit emulation on 64bit systems.
All 64bit kernels since 2.6.27 are vulnerable.
For history, the flaw had been fixed in 2007
22.214.171.124 (CVE-2007-4573), but a decline occurred
[Explanations and achievement: http://sota.gen.nz/compat2/]