
Urgent and Important: Security fault

oles@ovh.net
09-17-2010, 05:54 PM
Hello,

IF

you have a dedicated server

AND

it uses Linux

AND

it is 64-bit

THEN

your server is hackable!!!

You NEED to update it!! Do not wait!!!

The exploit providing the root is publicly available.

What to do?
------------
You must update the kernel of your server.

How?
---------
- if you are in "total security":
You have received an email scheduling a reboot of the server; you have nothing to do.

- If you are in "netboot" / RPS / Cloud:
just reboot your server.

- If you're "Manual kernel":
you have the new kernels on
ftp://ftp.ovh.net/made-in-ovh/bzImage/
It is the bzImage-2.6.34.6-xxxx

- if you compile:
the sources on kernel.org are vulnerable. It must be patched. Only 2.6.36-RC4 is patched. (To be confirmed, we are quickly checking).

After setting up the kernel you should see this:
# uname -a
Linux XXXXXXX 2.6.34.6-xxxx-std-ipv6-64 #3 SMP Fri Sep 17
^^^^^^^^

We must see 2.6.34.6.

PS. Now there is only one kernel (IPv4 + IPv6) called bzImage-xxxx-ipv6-xxxx

Detail:
-------

to obtain local root privileges just

A security fault (CVE-2010-3301) allowing root privileges to be obtained locally was (re)discovered in the 32-bit emulation on 64-bit systems.

All 64-bit kernels since 2.6.27 are vulnerable.

For history, the flaw had been fixed in 2007 in 2.6.22.7 (CVE-2007-4573), but a regression occurred in 2008.

[explanation and exploit: http://sota.gen.nz/compat2/]

All the best,
Octave
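The post tells you to verify that `uname -a` shows 2.6.34.6 after the update. The script below is an added example, not part of the original post, that automates that check on a 64-bit host: it parses the kernel release string numerically (so "2.6.9" is not mistaken for newer than "2.6.34") and reports "patched" for 2.6.34.6 or later, "vulnerable" for the post's affected range (64-bit kernels from 2.6.27 up to the fix), and "not-affected" otherwise. The cutoff versions are taken from the post; the function and status names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): check whether the running
# 64-bit Linux kernel is at or above the fixed version named in the post.

FIXED_VERSION="2.6.34.6"   # version the post says must appear in uname -a
REGRESSED_FROM="2.6.27"    # post: all 64-bit kernels since 2.6.27 are vulnerable

# version_ge A B -> returns 0 if dotted version A >= B, comparing each
# numeric field; any "-xxxx-std-ipv6-64" style suffix is ignored.
version_ge() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*//')
    b=$(printf '%s' "$2" | sed 's/[^0-9.].*//')
    i=1
    while :; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        [ -z "$x" ] && [ -z "$y" ] && return 0   # all fields compared equal
        x=${x:-0}; y=${y:-0}                       # missing field counts as 0
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
        i=$((i + 1))
    done
}

# kernel_status RELEASE MACHINE -> prints patched | vulnerable | not-affected
# RELEASE is the output of `uname -r`, MACHINE the output of `uname -m`.
kernel_status() {
    release=$1; machine=$2
    if [ "$machine" != "x86_64" ]; then
        echo "not-affected"; return 0   # flaw is in 64-bit 32-bit-compat code
    fi
    if version_ge "$release" "$FIXED_VERSION"; then
        echo "patched"
    elif version_ge "$release" "$REGRESSED_FROM"; then
        echo "vulnerable"
    else
        echo "not-affected"             # older than the 2008 regression
    fi
}

# Check the live system.
kernel_status "$(uname -r)" "$(uname -m)"
```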