
CentOS 6 - Kernel Vulnerability

This applies to dedicated servers. All VPS nodes have been updated. If you have a VPS, you can ignore this. 

If you have a managed dedicated server, please open a support ticket at https://www.mambo.co.ke and we will help you complete this update. The update is available via Ksplice as a rebootless kernel update, or via a traditional kernel update, which will require a reboot.

If you do not have Ksplice and you would like Ksplice so kernel updates can be completed automatically and without a reboot, please contact sales. 

A vulnerability has recently been disclosed in the Linux kernel that affects all systems running CentOS 6. This vulnerability is serious: it may allow a remote exploit or a local user to escalate privileges, resulting in root access to your server. A working example of the exploit has already been publicly disclosed, so no advanced knowledge of the Linux kernel is required to gain root access once shell access has been obtained on the target system.

The CVE entry for this vulnerability may be found here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094

CentOS 5.x, Debian 6 (Squeeze), FreeBSD and Windows users are unaffected by this specific vulnerability. We have not evaluated the status of Linux distributions or versions not mentioned here. You should consult your distribution's security documentation to determine if your distribution is vulnerable.

It is especially important to upgrade your kernel if your system serves multiple users via shell accounts, jail or container-based virtualization, or dynamic web sites. Updates that fix these and several other security issues and bugs are available immediately for most systems.

Red Hat and CentOS have patched this vulnerability as of May 16, 2013.


Ksplice: If you have a Ksplice license, a rebootless kernel update is available. You can update your kernel with the following command:

uptrack-upgrade -y


To verify your system is running the correct kernel, run the following command:

uname -r

The version should be greater than or equal to 2.6.32-358.6.2.el6

If your version does not match, please run the following command and ensure an update to the kernel package is included:

yum -y update kernel

These commands will clean your cached update information and force your server to use our mirror server, which is known to already contain the updated kernel version.

After the upgrade completes, you should reboot your system as soon as possible.
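
The version check described above, written as a script. This is an added example, not part of the original announcement; the function names are hypothetical and the sample release strings are constructed. It compares each numeric field as an integer, because a plain string comparison would rank 358.11.1 below 358.6.2.

```shell
#!/bin/sh
# Added example: compare a CentOS 6 kernel release string against the
# fixed version named in this announcement.

FIXED="2.6.32-358.6.2.el6"

# version_ge A B: succeed if A >= B. Everything from ".el6" onward
# (dist tag, architecture) is dropped, then the remaining fields are
# compared left to right as integers; missing fields count as 0.
version_ge() {
    awk -v a="${1%%.el6*}" -v b="${2%%.el6*}" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = x[i] + 0; q = y[i] + 0
            if (p > q) exit 0
            if (p < q) exit 1
        }
        exit 0
    }'
}

# check_kernel RELEASE: print "patched", "vulnerable" or "not-el6".
check_kernel() {
    case "$1" in
        *.el6*) ;;
        *) echo "not-el6"; return 0 ;;   # threshold only applies to el6 kernels
    esac
    if version_ge "$1" "$FIXED"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Constructed sample release strings, then the running kernel.
for r in 2.6.32-358.6.2.el6.x86_64 2.6.32-358.11.1.el6.x86_64 \
         2.6.32-358.2.1.el6.x86_64 2.6.32-358.el6.x86_64 \
         2.6.32-279.22.1.el6.i686; do
    printf '%-30s %s\n' "$r" "$(check_kernel "$r")"
done
printf '%-30s %s\n' "$(uname -r)" "$(check_kernel "$(uname -r)")"
```

On a server patched with Ksplice, uname -r still reports the kernel that was booted; pass the output of uptrack-uname -r to check_kernel to test the effective version.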

Red Hat published the following advisories regarding this vulnerability:

* https://access.redhat.com/security/cve/CVE-2013-2094 
* https://rhn.redhat.com/errata/RHSA-2013-0830.html
* https://access.redhat.com/site/solutions/373743

James Waititu,
CEO and Founder

Thursday, May 30, 2013
