dediserve news

Security update For Linux Based Servers

cloud

We would strongly recommend you follow the steps described below to ensure your Cloud Server remains secure.

A high-severity vulnerability has recently been discovered in the Linux kernel which potentially allows a local user on the system to gain root access (find out more here: CVE-2013-2094). Any Linux server regardless of web host will be affected by this issue. Please remember to back up your server before making any changes to avoid any data loss.

2.6.37 – 3.8.10 Kernels are vulnerable, however the change that introduced this flaw into the kernel was backported by Redhat into the 2.6.32 Kernel which is supplied with RHEL packages. Servers running CentOS 6, Fedora 18, Ubuntu LTS 12.04 and Debian 6 are all vulnerable and we would strongly recommend you update your VPS, Hybrid Server or dedicated server if you run these operating systems.

–          To update CentOS and Fedora, run, “yum update” and type “y” when prompted.

–          To update Ubuntu/Debian, run “apt-get update & apt-get upgrade ” and type “y” when prompted.

Once the new kernel is installed, you will need to reboot your server to apply the fix. Please note that running these commands will update all software on your server (not just the affected kernel); please make sure that following the reboot, you check that all services (websites, mail, ftp, etc.) are running correctly.

7 responses to “Security update For Linux Based Servers”

  1. Fergal Moran says:

    Do you not need to run sudo apt-get upgrade after?

  2. aidan says:

    No update just required, no need to upgrade the kernel also.

    • Fergal Moran says:

      But “apt-get update” just freshens the list of available packages, how do they then get installed?

  3. aidan says:

    You are of course correct, updated post now 🙂

  4. Doug Smart says:

    What is the patch name in Ubuntu 12.04?

  5. Javier C says:

    If I’m suing Plesk 11 in a CentOS 6.4 wich packages I should exclude to update to avoid problems with web sites and the control panel?