Stay safe: how to install the patch for Linux bug CVE-2016-0728

A security bug affecting Linux versions 3.8 and higher was recently identified. Although this bug (CVE-2016-0728) was first introduced into the Linux kernel in 2012, it was only discovered and made public a few days ago. When we learned of the bug’s existence, we immediately patched all internal LeaseWeb servers. We advise everyone to patch their servers as well.

Attackers could potentially use this vulnerability in the Linux kernel to obtain higher privileges from a regular account. It relies on a “use-after-free” condition: memory belonging to a kernel object is freed and then replaced with user-supplied data, while keeping the privileges of that memory object.

The following versions of GNU/Linux are known to be affected:

  • Red Hat Enterprise Linux 7
  • CentOS Linux 7
  • Scientific Linux 7
  • Debian Linux stable 8.x (jessie)
  • Debian Linux testing 9.x (stretch)
  • SUSE Linux Enterprise Desktop 12
  • SUSE Linux Enterprise Desktop 12 SP1
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Server 12 SP1
  • SUSE Linux Enterprise Workstation Extension 12
  • SUSE Linux Enterprise Workstation Extension 12 SP1
  • Ubuntu Linux 14.04 LTS (Trusty Tahr)
  • Ubuntu Linux 15.04 (Vivid Vervet)
  • Ubuntu Linux 15.10 (Wily Werewolf)
  • openSUSE Linux LEAP and version 13.2

Here’s how you can check if one of your systems might be vulnerable to this bug, courtesy of our security engineer Juan Sacco. Run the following command on your Linux box:

uname -mrs

If the output of this command shows that your system is running a vulnerable version of the Linux kernel, you could try the following to update it to the most recent version:

For Linux Debian/Ubuntu:

apt-get update && apt-get upgrade linux-image-$(uname -r)

For Red Hat/CentOS:

yum clean all && yum update -y kernel

Please be advised that for this change to take effect your system needs to be restarted.
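The version check and the restart reminder above, combined into one script. This is an added example, not code from LeaseWeb or Juan Sacco. It assumes kernel images are installed as /boot/vmlinuz-<release> and that GNU `sort -V` is available; the function names are made up for illustration. Distributions backport fixes, so a release in the 3.8+ range only tells you to confirm the fixed package is installed.

```shell
#!/bin/sh
# Added example, not from the original post.

# in_affected_range RELEASE: 0 if RELEASE (as printed by `uname -r`) is 3.8 or
# higher, 1 if it is older, 2 if the string cannot be parsed.
in_affected_range() {
    ver=${1%%[!0-9.]*}               # "3.10.0-327.el7.x86_64" -> "3.10.0"
    case "$ver" in *.*) ;; *) return 2 ;; esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    if [ "$major" -gt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -ge 8 ]; }; then
        return 0
    fi
    return 1
}

# newest_release: read one release per line on stdin, print the highest.
newest_release() { sort -V | tail -n 1; }

# installed_releases: list releases that have an image in /boot (assumed layout).
installed_releases() {
    for f in /boot/vmlinuz-*; do
        [ -e "$f" ] && printf '%s\n' "${f#/boot/vmlinuz-}"
    done
    return 0
}

check_host() {
    running=$(uname -r)
    rc=0
    in_affected_range "$running" || rc=$?
    case $rc in
        0) echo "$running: 3.8 or higher; confirm the distribution's fixed kernel package is installed" ;;
        1) echo "$running: older than 3.8" ;;
        *) echo "$running: could not parse kernel release" ;;
    esac
    newest=$(installed_releases | newest_release)
    if [ -n "$newest" ] && [ "$newest" != "$running" ]; then
        echo "newest installed kernel is $newest: restart to run it"
    fi
}

check_host
```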
