
RHEL/CentOS security vulnerability

Tracy Perry

Well-known member
#1
Don't know what exactly it pertains to (as I run Debian) but for those using CentOS or RHEL this will probably apply. It was an email I received from my VPS solution (RamNode).
_________________________________
Hello,
This message is to all clients.
As many of you are aware, RedHat has recently published a critical security vulnerability. This vulnerability impacts all CentOS systems, which is what we run on our host nodes. The vulnerability does not put our nodes at risk of compromise, but OpenVZ users can cause our OpenVZ host nodes to reboot and/or kernel panic. As such, we are going to apply a kernel upgrade to all OpenVZ nodes and reboot them. We will be doing this over the course of the next few hours. Unfortunately, we cannot provide advance notice for this maintenance given the scope and risk of the vulnerability.

KVM clients running RHEL (or any derivative thereof) need to update their own kernels as soon as one becomes available from the source (CentOS, etc.). We will not be rebooting our KVM nodes at this time.

SneakyDave

Well-known member
#3
From the centos forums... This is regarding the 2.6.32-358 kernel on 64bit systems.

The exploit appears to only work on 64-bit systems and only if the code is compiled with gcc -O2. It's not specific to the 358 series of kernels - I've seen reports of it working as far back as 2.6.32-220*. Installing kmod-tpe from ELRepo would be one way of preventing the exploit, since that stops all executables from running if they are not owned by root:root!
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59