
Urgent and Important: Security fault

09-17-2010, 05:54 PM


If:
- you have a dedicated server
- it uses Linux
- it is 64-bit

then your server is hackable!!!

You NEED to update it!! Do not wait!!!

An exploit that gives root access is publicly available.

What to do?
You must update the kernel of your server.

How?
- If you are in "total security":
You have received an email scheduling a reboot of the server; you have nothing to do.

- If you are in "netboot" / RPS / Cloud:
just reboot your server.

- If you are in "Manual kernel":
you have the new kernels on
It is the bzImage-

- If you compile your own kernel:
the sources on kernel.org are vulnerable. They must be patched. Only 2.6.36-RC4 is patched. (To be confirmed, we are quickly checking.)

After setting up the kernel you should see this:
# uname -a
Linux XXXXXXX #3 SMP Fri Sep 17

We must see

PS. Now there is only one kernel (IPv4 + IPv6) called bzImage-xxxx-ipv6-xxxx


to obtain local root privileges just

A security flaw (CVE-2010-3301) that allows obtaining root privileges locally has been (re)discovered in the 32-bit emulation on 64-bit systems.

All 64-bit kernels since 2.6.27 are vulnerable.

For the record, the flaw had been fixed in 2007 (CVE-2007-4573), but a regression occurred in 2008.

[explanation and exploit: http://sota.gen.nz/compat2/]

All the best,
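
Added example, not part of the original post: a shell helper that classifies a kernel against the version range named above (64-bit, 2.6.27 onward), for checking several servers at once. The status names and the sample inventory are constructed, and x86_64 is assumed to be the 64-bit case; an "in-range" result means the patch still has to be confirmed, since a vendor kernel can carry the fix without a version change.

```sh
#!/bin/sh
# Added example: version triage for CVE-2010-3301. It reports whether a
# kernel version falls in the range the post names, nothing more.

# kernel_status ARCH RELEASE  (values as printed by `uname -m` / `uname -r`)
kernel_status() {
    arch=$1
    rel=$2
    # Assumption: the "64-bit" systems in the post are x86_64 kernels.
    [ "$arch" = "x86_64" ] || { echo "not-x86_64"; return 0; }

    base=${rel%%-*}                  # "2.6.32-5-amd64" -> "2.6.32"
    IFS=. read -r maj min pat rest <<EOF
$base
EOF
    pat=${pat%%[!0-9]*}              # "0+" -> "0"
    min=${min:-0}
    pat=${pat:-0}
    case "$maj" in ''|*[!0-9]*) echo "unparsed"; return 0 ;; esac
    case "$min" in *[!0-9]*) echo "unparsed"; return 0 ;; esac
    num=$(( maj * 1000000 + min * 1000 + pat ))

    # 2.6.36 release candidates stay "in-range": the post lists 2.6.36-RC4
    # as patched but marks that as unconfirmed.
    case "$rel" in *-rc*) rc=1 ;; *) rc=0 ;; esac

    if [ "$num" -lt 2006027 ]; then
        echo "before-range"          # older than 2.6.27
    elif [ "$num" -lt 2006036 ] || { [ "$num" -eq 2006036 ] && [ "$rc" -eq 1 ]; }; then
        echo "in-range"              # 2.6.27 up to 2.6.36-rcN: confirm the patch
    else
        echo "after-range"           # 2.6.36 final or newer
    fi
}

# Constructed inventory: "arch release" pairs, one per line.
while read -r a r; do
    printf '%-8s %-18s %s\n' "$a" "$r" "$(kernel_status "$a" "$r")"
done <<EOF
x86_64 2.6.32-5-amd64
x86_64 2.6.26-2-amd64
i686 2.6.32-5-686
x86_64 2.6.36-rc4
EOF

# The machine this script runs on.
kernel_status "$(uname -m)" "$(uname -r)"
```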