SimplerCloud Pte Ltd


News: Security Advisory: Linux kernel's "Use After Free" vulnerability

Published: 21/01/2016

We would like to bring to your attention a new serious vulnerability affecting all Linux kernels version 3.8 and above. This zero-day vulnerability, assigned CVE-2016-0728, is caused by a reference leak in the keyrings facility of the affected Linux kernels, allowing a regular (unprivileged) user to escalate privileges on the system. If your Linux system's kernel is affected, we recommend that you patch your system as soon as possible.



Is My Linux system affected?

To verify whether the Linux kernel on your system is affected by the vulnerability, run the following command from the SSH command prompt:

uname -r

For example:

===
# uname -r
3.13.0-36-generic
===

If you see Linux kernel version 3.8 or above, your Linux system is most likely affected by the vulnerability.

Linux distributions affected by the vulnerability include, but are not limited to:

- CentOS 7 (note: CentOS 6 is not affected)
- Ubuntu 14.04 LTS
- Debian 8


How Can I Fix This Vulnerability?

Firstly, verify the Linux kernel version that you are currently running with the "uname -r" command.

For example:

===
# uname -r
3.13.0-36-generic
===

On Ubuntu and Debian systems, install the latest patches with the following command:

===
apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
===

For CentOS 7, the fix is still on the way. Once the fix is released, install the latest patches with the following command:

===
yum update -y
===

You need to reboot your system for the new kernel to take effect. Type "reboot" at the SSH command line to reboot your system:

===
reboot
===

After your system has rebooted, log in again, run the "uname -r" command once more and ensure that the Linux kernel version number has changed.

For example:

===
# uname -r
3.13.0-76-generic
===

Below is the list of fixed Linux kernel versions by distribution:

Ubuntu Linux 14.04 LTS : 3.13.0-76 (package version 3.13.0-76.120)
Debian Linux 8.x : 3.16.0-4 (package version 3.16.7-ckt20-1+deb8u3)
CentOS 7: (to be confirmed once patch is out)
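As an added example (not part of the original advisory and not a SimplerCloud tool), the following POSIX shell script compares a kernel version string against the fixed versions listed above. The version table, the distro detection via /etc/os-release and the dpkg-query call for Debian are assumptions made for illustration; note that on Debian 8 the "uname -r" string (3.16.0-4-amd64) does not change after the fix, so the script compares the installed linux-image package version there instead.

```shell
#!/bin/sh
# Added example: check a kernel version against the fixed versions in the
# advisory. The table below and the distro detection are assumptions for
# illustration; always confirm against your vendor's own advisory.

# Compare two version strings field by field, splitting on '.', '-' and '+'.
# Prints lt, eq or gt. Purely numeric fields are compared as integers;
# anything else (e.g. "ckt20", "deb8u3") is compared as a plain string, which
# is good enough for the versions in this advisory but not a full dpkg
# comparison (use `dpkg --compare-versions` for arbitrary Debian versions).
vercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%[.+-]*}; if [ "$fa" = "$a" ]; then a=''; else a=${a#*[.+-]}; fi
        fb=${b%%[.+-]*}; if [ "$fb" = "$b" ]; then b=''; else b=${b#*[.+-]}; fi
        fa=${fa:-0}; fb=${fb:-0}          # a missing field counts as 0
        case "$fa$fb" in
            *[!0-9]*)                     # at least one non-numeric field
                if [ "$fa" \< "$fb" ]; then echo lt; return; fi
                if [ "$fa" \> "$fb" ]; then echo gt; return; fi ;;
            *)
                if [ "$fa" -lt "$fb" ]; then echo lt; return; fi
                if [ "$fa" -gt "$fb" ]; then echo gt; return; fi ;;
        esac
    done
    echo eq
}

# Fixed versions as listed in the advisory (assumed table; CentOS 7 had no
# published fix at the time of writing, so it is deliberately absent).
fixed_version() {
    case "$1" in
        ubuntu-14.04) echo "3.13.0-76" ;;             # kernel ABI from uname -r
        debian-8)     echo "3.16.7-ckt20-1+deb8u3" ;; # linux-image package version
        *)            return 1 ;;
    esac
}

# Reduce an Ubuntu-style `uname -r` string to its ABI: 3.13.0-36-generic -> 3.13.0-36
kernel_abi() {
    printf '%s\n' "$1" | cut -d- -f1,2
}

# is_fixed DISTRO VERSION: exit 0 if VERSION is at or above the fixed version,
# 1 if it is below, 2 if the distro is not in the table.
is_fixed() {
    fixed=$(fixed_version "$1") || return 2
    case $(vercmp "$2" "$fixed") in
        lt) return 1 ;;
        *)  return 0 ;;
    esac
}

# Inspect the running system. Distro detection via /etc/os-release and the
# dpkg-query lookup for Debian are assumptions for this example.
report_running_kernel() {
    ID=unknown; VERSION_ID=unknown
    if [ -r /etc/os-release ]; then . /etc/os-release; fi
    distro="${ID}-${VERSION_ID}"
    running=$(uname -r)
    case "$distro" in
        debian-*) ver=$(dpkg-query -W -f='${Version}' "linux-image-$running" 2>/dev/null) || ver=$running ;;
        *)        ver=$(kernel_abi "$running") ;;
    esac
    is_fixed "$distro" "$ver"
    case $? in
        0) echo "$distro: kernel $ver is at or above the fixed version" ;;
        1) echo "$distro: kernel $ver is BELOW the fixed version; update and reboot" ;;
        *) echo "$distro: no fixed version in the table; check your vendor's advisory" ;;
    esac
}

# Run the live check only when invoked as: sh check-kernel.sh --check
if [ "${1:-}" = "--check" ]; then report_running_kernel; fi
```

Run it with `sh check-kernel.sh --check` after rebooting into the new kernel. A version at or above the fixed one is a necessary, not sufficient, sign of being patched: confirm the kernel named in the output is the one actually running, since an installed but not yet booted kernel package changes nothing.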


Actions Taken


We have patched all our customer-related systems, including but not limited to our account panel / portal server, web server, DNS servers and mail servers, and they are no longer affected by the newly discovered security vulnerabilities.



What You Need To Do

We advise customers who are running affected Linux kernels on their servers / servelets to patch their systems as soon as possible. You may follow the instructions above under the "How Can I Fix This Vulnerability?" section to patch your system. You need to reboot your servelets / servers for the new kernel to take effect.

You can engage our system administration service if you need our assistance in patching your servelets / servers. For applying this fix, you may order by logging in to our portal and then go to Order > Additional Services > Vulnerability Fix - LINUX & WINDOWS: Linux Kernel "Use-After-Free" and Poodle SSLV3 Vulnerability - $10.


More Information:

Use after free vulnerability in Linux kernel keychain management (CVE-2016-0728) - https://access.redhat.com/articles/2131021
How To Patch and Protect Linux Kernel Zero Day Vulnerability CVE-2016-0728 - http://www.cyberciti.biz/faq/linux-cve-2016-0728-0-day-local-privilege-escalation-vulnerability-fix/
Serious Linux Kernel Vulnerability Patched - https://threatpost.com/serious-linux-kernel-vulnerability-patched/115923/
Massive Linux vulnerability discovered - https://gcn.com/articles/2016/01/20/linux-vulnerability.aspx