Linux Kernel Vulnerability

A vulnerability has been found in the Linux kernel, which unfortunately is just about every system running 64-bit Linux.

This vulnerability was introduced into the linux kernel in April 2008, and so essentially every distribution is affected, including RHEL (CentOS).

For the full story, follow these links:
http://blog.ksplice.com/2010/09/cve-2010-3081/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081

How to protect yourself

We suggest you upgrade your system kernels as soon as possible, putting a higher priority on shared hosting servers is advised.

Most systems will simply upgrade via yum, however your datacentre may have a local yum repository, so the new kernels may not be available yet (This has been reported by a few users already). We suggest you add a standard CentOS mirror to your yum configuration file to overcome this situation.

OpenVZ have a patched kernel available in there yum repository (2.6.18-194.8.1.el5.028stab070.5) so a yum update should allow you to install the new kernel, if not, the kernel is available for download here: http://wiki.openvz.org/Download/kernel/rhel5/028stab070.5

CentOS also have a new kernel release that patches the vulnerability in the standard and Xen kernels (2.6.18-194.11.4.el5), which is available via yum also.

Please do not submit tickets about kernel upgrades. Use this following forum thread for help http://forum.soluslabs.com/showthread.php/1898-Please-Read!!-Linux-Kernel-Vulnerability

Menu