rssLink RSS dla wszystkich kategorii
 
icon_orange
icon_red
icon_red
icon_blue
icon_blue
icon_blue
icon_green
icon_red
icon_blue
icon_blue
icon_blue
icon_blue
icon_blue
icon_blue
icon_blue
icon_blue
icon_red
icon_blue
icon_orange
icon_red
icon_blue
icon_blue
icon_blue
icon_blue
icon_green
icon_blue
icon_blue
 

FS#26549 — new #9 kernel images (CVE-2016-5195)

Przydzielony do projektu— Dystrybucje OS
Konserwacja
Backend / Core
ZAMKNIĘTE
100%
A vulnerability in the Linux kernel has been discovered that affects
all Linux kernels.

While we are in the course of preparing a new OVH kernel based on the
long-term 4.4 series, we cannot update our public default kernels to
4.4 just yet because of several issues, mostly due to hardware
compatibility, that need to be resolved.

We have for now instead decided to recompile the currently used
3.14.32 kernel (that already includes patches for prior
vulnerabilities) with a backported fix to this issue.

This patched kernel is available on our ftp server:
ftp://ftp.ovh.net/made-in-ovh/bzImage/latest-production/
It has also been rolled out on our reinstallation system for dedicated
servers (if no other kernel is chosen during reinstallation launch) as
well as on our netboot services.

We strongly encourage all users on 3.14.32 kernels to update their
system. If uncertain on which patchlevel you are, please refer to the
output of "uname -a" - the fixed kernels have recompilation number 9
and todays date, for example:
# uname -a
Linux yourserver.ovh.net 3.14.32-xxxx-grs-ipv6-64 #9 SMP Thu Oct 20
14:53:52 CEST 2016 x86_64 GNU/Linux


For users of our "test" kernels, updated kernels of version 4.4.26 are
provided as well: ftp://ftp.ovh.net/made-in-ovh/bzImage/latest-test/.

We'd like to thank grsecurity.net for providing us with the backported
fix for 3.14.

Data:  czwartek, 03 listopad 2016, 08:21
Powód zamknięcia:  Done
Komentarz od OVH - piątek, 21 październik 2016, 08:47

20.10.2016, 15:56PM
For more information about CVE-2016-5195, please refer to:
https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://access.redhat.com/security/vulnerabilities/2706661
http://dirtycow.ninja/