Linux Kernel security update issue.

[shaan N]

There is an Kernel vulnerability update released for linux servers and we can fix the issue by updating the Linux kernel to the latest version.

In order to check the vulnerability on the server please use the below mentioned steps to run the script,

Check Vulnerability

Ubuntu/Debian

To find out if the server is affected, check the kernel version.
$ sudo uname -rv

We can see the output like this:

Output
4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016


CentOS
Some versions of CentOS can use this script provided by RedHat for RHEL to test the server's vulnerability. To try it, first download the script.

wget https://access.redhat.com/sites/default ... -5195_1.sh

Then run it with bash.

bash rh-cve-2016-5195_1.sh

If it is vulnerable, we can see an output like this:

Output
Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vuln ... es/2706661 .

We can use the following commands to update your Debian/Ubuntu/Centos and RHEL systems,and also we need to reboot after updating it.

Debian/Ubuntu:
$ sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade

RHEL:
$ sudo yum update
$ sudo reboot

CentOS
To update the kernel on CentOS 7, run:
- sudo yum update

There is still no official update of the CentOS 5 and 6 kernel.we're still waiting on a fix for CentOS 5 and 6.

For reference - https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13

[Edward]

Centos 6 also is having patched kernel release now. Please do the yum update command in centos 6 server and other rhel6 ones