Security update for Linux DSVM RRS feed

  • General discussion

  • A security vulnerability, Dirty COW, was recently discovered in the Linux kernel. This vulnerability allows ordinary users to gain administrative privileges and should be taken seriously. 

    CentOS 7.2, the base OS for the Linux DSVM, is vulnerable to this attack. It can be addressed by updating your kernel to version 3.10.0-327.36.3.el7.x86-64. You can update to this version by launching a command prompt and running:

    yum clean all
    sudo yum update --skip-broken

    You will need to reboot your VM after updating.

    To confirm that your server has been patched, go to this link, click Diagnose, then Download Detection Script. Run the script using bash:

    bash rh-csv-2016-5195_2.sh

    CentOS downloads updates from one of many mirror servers. Not all mirrors have the latest kernel update, so if the script reports that your server is still vulnerable after updating and rebooting, try again in a few hours.

    We recommend that if you create user accounts for others on a Linux DSVM, for training or other purposes, that you remove them when no longer needed.

    Tuesday, October 25, 2016 7:59 PM