Heads-up from EGI: CVE-2016-5195
EGI CSIRT (Software Vulnerability Group) has alerted us to a critical vulnerability in the Linux kernel affecting most distributions.
‘CRITICAL’ Risk CVE-2016-5195 Linux kernel privilege escalation EGI-SVG-CVE-2016-5195
A kernel vulnerability has been found: a race condition in the kernel's handling of copy-on-write (private) memory mappings allows an unprivileged local user to gain write access to otherwise read-only mappings, including mappings of files the user is only allowed to read, and so to escalate their privileges on the system. Any host on which untrusted users can run code is therefore exposed.
At present this is a ‘Heads up’. However, sites running an OS for which patches are already available (currently Debian and Ubuntu) should install the new kernel urgently:
- Sites running an OS where patches are available (currently Debian and Ubuntu) are advised to install the new version within the next 7 days.
- Machines allowing unprivileged user access, such as Grid Worker Nodes, should be prioritised.
- At this stage a rolling update followed by a reboot is recommended as sufficient. Note that installing the kernel package alone does not close the hole: the patched kernel only takes effect once the machine has been rebooted into it.
Other sites, running an OS where patches are not available yet, should prepare the update, which they will be required to apply within 7 days of the new version becoming available. Sites are also encouraged to investigate workarounds (e.g. a systemtap-based mitigation) for systems with direct unprivileged user access, such as User Interfaces.
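The following script is an added example for the Debian/Ubuntu case above; it is not part of the EGI advisory or of the AAROC page. It checks that the kernel actually booted (not merely installed) is at or above the package version your distribution's own advisory names, and flags the common failure mode where the rolling update ran but the reboot did not. Assumptions: dpkg-based hosts where the `linux-image-$(uname -r)` package names the running kernel; the required version is looked up by you and passed as an argument, nothing is hard-coded; the function names are mine.

```shell
#!/bin/sh
# Added example, not code from the advisory. Verifies that the running kernel
# is at least the patched package version named by the distribution advisory.

# version_ge A B: succeed if version string A >= B.
# Splits on . - + ~ and compares numerically where both fields are numeric,
# otherwise as strings (so "deb8u2" > "deb8u1"). A missing field sorts first.
# On a real host, `dpkg --compare-versions` is the authoritative comparator;
# this pure-awk version exists so the check also runs where dpkg is absent.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, fa, /[.+~-]/); nb = split(b, fb, /[.+~-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? fa[i] : ""; y = (i <= nb) ? fb[i] : ""
            if (x ~ /^[0-9]+$/ && y ~ /^[0-9]+$/) { x += 0; y += 0 }
            if (x > y) exit 0
            if (x < y) exit 1
        }
        exit 0
    }'
}

# newest_version: read version strings on stdin, print the highest one.
newest_version() {
    best=""
    while read -r v; do
        [ -n "$v" ] || continue
        if [ -z "$best" ] || ! version_ge "$best" "$v"; then best=$v; fi
    done
    printf '%s\n' "$best"
}

# running_kernel_pkg_version: package version of the kernel that is booted.
# uname -r gives the image name (e.g. 4.4.0-45-generic, 3.16.0-4-amd64); the
# security fix is visible only in the package version of that image.
running_kernel_pkg_version() {
    dpkg-query -W -f='${Version}' "linux-image-$(uname -r)" 2>/dev/null
}

# check_running_kernel REQUIRED: 0 if the booted kernel package >= REQUIRED,
# 1 if it is older, 2 if the running kernel's package cannot be determined.
check_running_kernel() {
    have=$(running_kernel_pkg_version) || return 2
    [ -n "$have" ] || return 2
    if version_ge "$have" "$1"; then
        echo "OK: running kernel package $have >= $1"
        return 0
    fi
    echo "VULNERABLE: running kernel package $have < $1"
    return 1
}

# reboot_pending: succeed if an installed linux-image-* package is newer than
# the one booted, i.e. the update was installed but the host was not rebooted.
reboot_pending() {
    running=$(running_kernel_pkg_version) || return 2
    newest=$(dpkg-query -W -f='${Version}\n' 'linux-image-[0-9]*' 2>/dev/null | newest_version)
    [ -n "$newest" ] || return 2
    ! version_ge "$running" "$newest"
}

# Usage: sh kernel-check.sh REQUIRED_PACKAGE_VERSION
# (the fixed linux-image version from your distribution's advisory)
if [ $# -gt 0 ]; then
    check_running_kernel "$1"; rc=$?
    if reboot_pending; then
        echo "NOTE: a newer kernel is installed but not booted; reboot to apply it"
    fi
    exit $rc
fi
```

Run it on every node after the rolling update; a `VULNERABLE` line together with the `NOTE` means the package landed but the node is still running the old kernel, which is exactly the state the "update and reboot" recommendation above is meant to avoid. The version comparison is deliberately simple and can mis-order unusual suffixes (e.g. `deb8u10` vs `deb8u9`); where dpkg is present, prefer `dpkg --compare-versions`.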
Sites failing to act and/or failing to respond to requests from the EGI CSIRT team risk site suspension.
Tagged with AAROC • CSIRT • operations • security • updates • CVE-2016-5195
This is a companion discussion topic for the original entry at http://www.africa-grid.org//security/2016/10/20/EGI-ADV-SVG-CVE-2016-5195/