you have a dedicated server
it’s running Linux
it’s a 64bit OS
your server is hackable!!!
It is IMPERATIVE that you update it!! Do not wait!!
The exploit is that allows people to gain root access is publicly available.
What to do?
You need to update the kernel of your server.
- if you have our “total security” package:
You will of have gotten an E-mail with the time that we’ll reboot your server.
- If you have a machine that is running a “netboot” / Cloud kernel:
You just need to reboot your server.
- if you run your kernel off the HDD:
you need to update the kernel which you can get from:
It’s the bzImage-220.127.116.11-xxxx file
- if you compile:
the sources on Kernel.org are vulnerable. You need to patch. Only 2.6.36-RC4 is patched. (To be confirmed, this is our quick test result).
After the update of the Kernel you should have this:
# uname -a
Linux XXXXXXX 18.104.22.168-xxxx-std-ipv6-64 #3 SMP Fri Sep 17
You need to have 22.214.171.124.
PS: As of recent, we’ve only got a single kernel (IPv4 + IPv6) called bzImage-xxxx-ipv6-xxxx
A security whole (CVE-2010-3301) allowing to locally gain root access has just been (re)discovered at the 32bit emulation level on 64bit systems.
All 64bit kernels since 2.6.27 are vulnerable.
Some background: The bug was fixed in 2007 in 126.96.36.199 (CVE-2007-4573), but a regression appeared in 2008.
[ explication and exploit: http://sota.gen.nz/compat2/ ]