[Ksplice][CloudLinux 5 Updates] New updates available via Ksplice (CVE-2010-3081)
Tim Abbott
tabbott at ksplice.com
Sat Sep 18 14:40:58 PDT 2010
Synopsis: CVE-2010-3081 can now be patched using Ksplice
CVEs: CVE-2010-3081
Systems running CloudLinux 5 can now use Ksplice to patch against
CVE-2010-3081.
Ksplice is now providing an update for the high profile security
vulnerability CVE-2010-3010. Ksplice does not normally publish rebootless
updates for CloudLinux 5 before CloudLinux has finished releasing a new
kernel, but in this case due to the high profile of this security
vulnerability, the fact that other distributions have successfully
provided this update, and other factors, we are now making this update
available for customers to install.
Please note that the mitigation steps described at
<https://access.redhat.com/kb/docs/DOC-40265>, while effective against one
public exploit for CVE-2010-3081, do not actually correct this
vulnerability. A modified version of this exploit is effective even
against machines that have used the published Red Hat mitigation approach.
The only known effective solution to CVE-2010-3081 is to update the
kernel.
INSTALLING THE UPDATES
We recommend that all Ksplice Uptrack CloudLinux 5 users install these
updates. You can install these updates by running:
# uptrack-upgrade -y
DESCRIPTION
* CVE-2010-3081: Privilege escalation through stack underflow in compat.
A flaw was found in the 32-bit compatibility layer for 64-bit systems.
User-space memory was allocated insecurely when translating system
call inputs to 64-bit. A stack pointer underflow could occur when
using the "compat_alloc_user_space" method with an arbitrary length
input, as in getsockopt.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the CloudLinux5-Updates
mailing list