Stay safe: how to install the patch for Linux bug CVE-2016-0728

A security bug affecting Linux versions 3.8 and higher was recently identified. Although this bug (CVE-2016-0728) was first introduced into the Linux kernel in 2012, it was only discovered and made public a few days ago. When we learned of the bug’s existence, we immediately patched all internal LeaseWeb servers. We advise everyone to patch their servers as well.

The vulnerability in the Linux kernel could potentially be used by attackers to obtain higher privileges from a regular account. The attack uses a technique called “use-after-free”: the attacker controls the way the memory of a kernel object is freed, and that memory is then replaced with user-supplied data while keeping the privileges of the original memory object.

The following versions of GNU/Linux are known to be affected:

  • Red Hat Enterprise Linux 7
  • CentOS Linux 7
  • Scientific Linux 7
  • Debian Linux stable 8.x (jessie)
  • Debian Linux testing 9.x (stretch)
  • SUSE Linux Enterprise Desktop 12
  • SUSE Linux Enterprise Desktop 12 SP1
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Server 12 SP1
  • SUSE Linux Enterprise Workstation Extension 12
  • SUSE Linux Enterprise Workstation Extension 12 SP1
  • Ubuntu Linux 14.04 LTS (Trusty Tahr)
  • Ubuntu Linux 15.04 (Vivid Vervet)
  • Ubuntu Linux 15.10 (Wily Werewolf)
  • openSUSE Linux LEAP and version 13.2

Here’s how you can check if one of your systems might be vulnerable to this bug, courtesy of our security engineer Juan Sacco. You need to run the following command on your Linux box:

uname -mrs

If the output of this command shows that your system is running a vulnerable version of the Linux kernel, you could try the following to update it to the most recent version:

For Linux Debian/Ubuntu:

apt-get update && apt-get upgrade linux-image-$(uname -r)

For Red Hat/CentOS:

yum clean all && yum update -y kernel

Please be advised that for this change to take effect your system needs to be restarted.
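
The `uname -mrs` check above, applied to a list of servers, as an added example that is not part of the original post: it reads inventory lines (host name followed by that host's `uname -mrs` output) and marks hosts whose kernel is 3.8 or later. The function names, host names and inventory format are assumptions, and a marked host still needs its distribution's patch level checked, because vendors backport fixes without changing the upstream version number.

```shell
#!/bin/sh
# Added example, not from the original post. Host names and kernel strings
# in SAMPLE are constructed data.

# Return 0 if a kernel release such as "3.16.0-4-amd64" is 3.8 or later (the
# range the post names), 1 if it is older, 2 if it cannot be parsed.
kernel_in_affected_range() {
    major=${1%%.*}                 # text before the first dot
    rest=${1#*.}                   # text after the first dot
    minor=${rest%%[!0-9]*}         # leading digits of that remainder
    case "$1" in *.*) ;; *) return 2 ;; esac
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in '') return 2 ;; esac
    [ "$major" -gt 3 ] && return 0
    [ "$major" -eq 3 ] && [ "$minor" -ge 8 ] && return 0
    return 1
}

# Read lines "<host> <output of uname -mrs>" on stdin, print one verdict per
# host: REVIEW (3.8 or later, check patch level), OLDER, UNKNOWN or SKIP.
triage_inventory() {
    while read -r host sysname release machine; do
        [ -n "$host" ] || continue
        if [ "$sysname" != "Linux" ]; then
            echo "$host SKIP not-linux"
            continue
        fi
        rc=0
        kernel_in_affected_range "$release" || rc=$?
        case $rc in
            0) echo "$host REVIEW $release" ;;
            1) echo "$host OLDER $release" ;;
            *) echo "$host UNKNOWN $release" ;;
        esac
    done
}

# Constructed sample inventory. On a real host, one line would be produced
# with: echo "$(hostname) $(uname -mrs)"
SAMPLE='web01 Linux 3.16.0-4-amd64 x86_64
db01 Linux 3.2.0-4-amd64 x86_64
app01 Linux 4.2.0-23-generic x86_64
old01 Linux 2.6.32-573.el6.x86_64 x86_64
bsd01 FreeBSD 10.2-RELEASE amd64'

printf '%s\n' "$SAMPLE" | triage_inventory
```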
