[Ksplice][CloudLinux 5 Updates] New updates available via Ksplice (CVE-2010-3081)

Tim Abbott tabbott at ksplice.com
Sat Sep 18 14:40:58 PDT 2010


Synopsis: CVE-2010-3081 can now be patched using Ksplice
CVEs: CVE-2010-3081

Systems running CloudLinux 5 can now use Ksplice to patch against 
CVE-2010-3081.

Ksplice is now providing an update for the high profile security 
vulnerability CVE-2010-3010.  Ksplice does not normally publish rebootless 
updates for CloudLinux 5 before CloudLinux has finished releasing a new 
kernel, but in this case due to the high profile of this security 
vulnerability, the fact that other distributions have successfully 
provided this update, and other factors, we are now making this update 
available for customers to install.

Please note that the mitigation steps described at 
<https://access.redhat.com/kb/docs/DOC-40265>, while effective against one 
public exploit for CVE-2010-3081, do not actually correct this 
vulnerability.  A modified version of this exploit is effective even 
against machines that have used the published Red Hat mitigation approach.  
The only known effective solution to CVE-2010-3081 is to update the 
kernel.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack CloudLinux 5 users install these 
updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* CVE-2010-3081: Privilege escalation through stack underflow in compat.

A flaw was found in the 32-bit compatibility layer for 64-bit systems.
User-space memory was allocated insecurely when translating system
call inputs to 64-bit.  A stack pointer underflow could occur when
using the "compat_alloc_user_space" method with an arbitrary length
input, as in getsockopt.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.



More information about the CloudLinux5-Updates mailing list