Linode.com Forum

[Xan]

You may have heard of the new kernel exploit that recently became public.

I just tried the exploit code on the Linode to see if it was vulnerable. It doesn't give me a root login, but it does hang the "machine", pretty hard, too. Took a few minutes for the Lish-initiated reboot to take effect; I thought I was going to have to fill a support ticket.

Best case scenario seems to be a graceless shutdown, so I would have to stamp it Not Recommended.

[Xel]

Yea... Listen to what he said... Because.... yea...

--Xel

[caker]

As soon as the kernel devs settle on a fix, I'll be releasing new kernels...

-Chris

[OverlordQ]

ONe of the 'exploits' patch it :)

Find it in the debian bug ticket

[anderiv]

I believe GKH just committed the fix for this into 2.6.24.2:

[caker]

http://www.linode.com/forums/viewtopic.php?t=3104

-Chris

[reallove]

(asking maybe a stupid question)
how can I upgrade to the latest 2.6.24.2 ,without recompiling myself the kernel ?

[anderiv]

You can select what kernel you're booting in your profile config in LPM (the members section of linode.com).

-erik

[reallove]

thought so,but my latest 2.6 series is 2.6.18.8 (domU linode5).

[anderiv]

Ahh - you're on Xen. The kernel caker just released was a UML kernel. I haven't heard when the Xen kernel will be updated.

[reallove]

considering the big impact of this exploit it would be great to have one also on xen :)

[caker]

For you Xen people:

http://www.linode.com/forums/viewtopic.php?t=3105

-Chris