AdamD
19-11-2010, 10:41
Thanks Fozl
Hello
IF
you have a dedicated server
AND
it runs on Linux
AND
it is 64-bit
THEN
your server is hackable!
You NEED to update it! Do not wait!
The exploit, which provides root, is publicly
available.
What to do?
------------
You must update the kernel of your server.
How?
---------
- If you are in "total security":
you received an email about the planned reboot of the
server; you have nothing to do
- If you are in "netboot" / RPS / Cloud:
just reboot your server.
- If you are in "manual kernel":
you have the new kernels on
ftp://ftp.ovh.net/made-in-ovh/bzImage/
it is bzImage-2.6.34.6-xxxx
- If you compile:
the sources on kernel.org are vulnerable. You must
patch. Only 2.6.36-RC4 is patched. (To be confirmed;
we checked quickly.)
After setting up the kernel you should see this:
# uname -a
XXXXXXX Linux 2.6.34.6-xxxx-std-ipv6-64 # 3 SMP Fri September 17
              ^^^^^^^^
We must see 2.6.34.6.
PS. Now there is only one kernel (IPv4 IPv6)
named bzImage-xxxx-xxxx-ipv6
Details:
-------
A security vulnerability (CVE-2010-3301) allowing
local root privilege to be obtained has been (re)discovered
in the 32-bit emulation on 64-bit systems.
All 64-bit kernels since 2.6.27 are vulnerable.
For history, the flaw had been fixed in 2007 in
2.6.22.7 (CVE-2007-4573), but a regression occurred
in 2008.
[Explanations and achievement: http://sota.gen.nz/compat2/]
Regards
Octave
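
A check against the criteria in the announcement above, as an added example that is not part of the original post and not an OVH tool. The function name `classify_kernel` and its result labels are hypothetical, "64-bit" is assumed to mean `uname -m` reporting `x86_64`, and `in-affected-range` only means the version is 2.6.27 or later, so its patch status still has to be confirmed with whoever built that kernel.

```shell
#!/bin/sh
# Added example (not from the post): classify a kernel against the post's criteria.
# $1 = kernel release as printed by `uname -r`, $2 = machine as printed by `uname -m`.
classify_kernel() {
    release=$1
    machine=$2

    # The post concerns 64-bit servers only; assumed here to mean x86_64.
    if [ "$machine" != "x86_64" ]; then
        echo "not-64bit"; return 0
    fi

    # The OVH build the post says must appear after the update.
    case $release in
        2.6.34.6-xxxx-*) echo "ovh-2.6.34.6"; return 0 ;;
    esac

    # Keep the numeric part before the first "-" and refuse anything else.
    base=${release%%-*}
    case $base in
        ''|*[!0-9.]*) echo "unparsed"; return 0 ;;
    esac

    # Split "major.minor.patch" on dots; missing fields count as 0.
    old_ifs=$IFS; IFS=.
    set -- $base
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}

    # "All 64-bit kernels since 2.6.27 are vulnerable" per the post.
    if [ "$major" -gt 2 ] ||
       { [ "$major" -eq 2 ] && [ "$minor" -gt 6 ]; } ||
       { [ "$major" -eq 2 ] && [ "$minor" -eq 6 ] && [ "$patch" -ge 27 ]; }; then
        echo "in-affected-range"
    else
        echo "before-2.6.27"
    fi
}

# Classify the running kernel.
classify_kernel "$(uname -r)" "$(uname -m)"
```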