Kernel vulnerability in centos 6 and mitigation

Post Reply
Admin
Site Admin
Posts: 490
Joined: Wed Jul 25, 2012 10:54 pm

Kernel vulnerability in centos 6 and mitigation

Post by Admin » Wed May 15, 2013 1:28 am

Hello !

A kernel privilege escalation exploitable bug has been discovered in Centos/RedHat Linux 6.
https://bugzilla.redhat.com/show_bug.cgi?id=962792
As a result we are issuing this emergency maintenance, upgrading the kernel to the patched version and rebooting the servers.
This will affect OpenVZ servers for now, we are not sure yet if KVM will need this upgrade, we may decide to do it anyway, just to make sure, even though users dont have access to the host kernel and as such the vulnerability is not exploitable by non-admin users, it will be a scheduled maintenance, probably over the week-end.
Xen servers are not affected by this vulnerability, therefore no maintenance is necessary at this time.
We advise everyone running on KVM and Xen to keep their systems up to date, upgrade the kernel as soon as your distribution releases the patched version (most of those affected did already, so far). Keeping your OS up to date should be a maintenance priority for everyone.

Admin
Site Admin
Posts: 490
Joined: Wed Jul 25, 2012 10:54 pm

Re: Kernel vulnerability in centos 6 and mitigation

Post by Admin » Wed May 15, 2013 3:56 am

In addition to the problem above, we have an issue with pm22 which was discovered during the high load of rebooting. The node is taken offline and backed up.
We will update this as soon as we have more data.

Admin
Site Admin
Posts: 490
Joined: Wed Jul 25, 2012 10:54 pm

Re: Kernel vulnerability in centos 6 and mitigation

Post by Admin » Wed May 15, 2013 4:21 am

pm22 is up and running now.
The last servers are also being patched, it should be over in 30 minutes or so.
EDIT: Everything up and running. If you are still experiencing problems, please open a ticket.

Post Reply

Who is online

Users browsing this forum: No registered users and 29 guests