Skip to main content
View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Explore Blog
Categories
570
  1. Cloud Consulting Services
    4
  2. Cloud Overviews
    42
  3. Compute
    9
  4. Containers (Kubernetes, Docker)
    31
  5. Databases
    18
  6. Developer Tools
    30
  7. Linode
    243
  8. Linux
    69
  9. Multicloud
    4
  10. Networking
    29
  11. Open Source
    5
  12. Partner Network
    7
  13. Security
    58
  14. Storage
    21
Authors 570
  1. Abe Massry 2
  2. Al Newkirk 1
  3. Alexander Newnham 2
  4. Andrew Sauber 1
  5. Andrew Stebbins 2
  6. Andy Stevens 4
  7. Bradley LaBoon 1
  8. Blair Lyon 11
  9. Billy Thompson 5
  10. Christopher Aker 176
  11. Cassie Bubnis 1
  12. Daniele Polencic 3
  13. David Monschein 2
  14. David Rodriguez 1
  15. Dan Spataro 2
  16. Elvis Segura 1
  17. Gardiner Bryant 1
  18. Holden Morris 4
  19. Hillary Wilmoth 56
  20. Jim Ackley 4
  21. Jessica Capuano Mora 1
  22. Justin Cobbett 11
  23. Jon Frederickson 1
  24. Jonathan Hill 2
  25. Justin Mitchel 4
  26. James Steel 5
  27. Jamie Sherkness 8
  28. Linode 52
  29. Linode Events 8
  30. The Linode Security Team 121
  31. The Linode Network & Security Teams 1
  32. LINQ 1
  33. Leslie Salazar 1
  34. Michelle Berg 1
  35. Mitch Donaberger 1
  36. Mike Fischler 1
  37. Mike Maney 9
  38. Maddie Presland 15
  39. Mike Quatrani 4
  40. Nathan Melehan 2
  41. Nigel Poulton 1
  42. Rick Myers 7
  43. Richard Tubb 1
  44. Sal Carrasco 1
  45. Shawn Michels 1
  46. Linode Support 12
  47. Tom Asaro 18
BlogLinuxNew kernels, fixed vulnerabilities

New kernels, fixed vulnerabilities

Christopher Aker
Christopher Aker
August 17, 2009

We’ve released five new kernels which contain the fix for the recently announced Linux kernel local privilege escalation vulnerability (CVE-2009-2692).  The following kernels are NOT vulnerable:

2.6.18.8-linode19 (Latest 2.6 Stable)
2.6.30.5-linode20
2.6.18.8-x86_64-linode7 (Latest 2.6 Stable – x86_64)
2.6.30.5-x86_64-linode8
2.6.23.17-linode44 (for UML)

Please check the output of “uname -r” from within your Linode.  If you’re not running one of the kernels above (or later) then your Linode may be vulnerable.  In that case, we strongly recommend you choose “Latest 2.6 Stable” (or the non-vulnerable kernel of your choice) in your Linode’s Configuration Profile and reboot the Linode to acquire the change.  Verify you picked up the new kernel by running “uname -r” again after rebooting.

Exploits exist, affecting all versions of the Linux kernel up to and including 2.6.30.4, that allow a normal local user to gain root privileges.  We had mixed results in our testing, but the exploit definitely worked without modification on a couple of our kernels.  We strongly recommend you make sure you’re running one of the kernels listed above (or later).  We also maintain this list of available kernels.

You might also like...

Linux Command Line Tips | Use The ‘tr’ Command to Transform, Replace, and Remove Characters

In this video, @LearnLinuxTV explains the tr command and also gives examples of common ways to utilize this command in your code.
Linux

Use the Man Command to Learn Any Linux Command | Top Docs With Learn Linux TV

In this video, Jay demonstrates different ways the man command can teach you about different programs and commands in Linux.
Linux
Linux Superhero Jay LaCroix featuring the power of curl on Linux.

Supercharge Your Workflow with cURL | Understanding The cURL Command-Line Tool

In this video, @LearnLinuxTV explains the cURL (Client URL) command and how it interacts with restful APIs.
Linux

Comments (12)

  1. Author Photo
    Aaron

    Thanks for the update. Was wondering when this was going to come out. I was scared for a few days.

    Reply
  2. Christopher Aker
    caker

    The 2.6.18.8 series kernels we released last Friday night, but wanted to wait for 2.6.30.5 before making the announcement.

    Reply
  3. Author Photo
    Dan

    Nice, thanks for the update.

    Reply
  4. Author Photo
    Tim

    How do I upgrade to the latest kernel if I’m on an old version?

    Reply
  5. Author Photo
    BarkerJr

    To upgrade, simply reboot, then verify it again with: uname -r

    Reply
  6. Author Photo
    Davide Perini

    Thanks for informing us about that on your blog.
    I love your service. 🙂

    Have a good day.
    Davide.

    Reply
  7. Author Photo
    Matt R

    Mine says “2.6.18.8-linode16”.

    Would you say this requires update?

    Thanks!

    Reply
  8. Christopher Aker
    caker

    Is 2.6.18.8-linode16 or later in the list above? No. So you’re vulnerable.

    Reply
  9. Author Photo
    rjspence

    Thank you for your continued updates. This is very much appreciated and certainly why Linode LLC is the right choice for our services. Keep up the fantastic support work.

    Reply
  10. Author Photo
    Casey

    Thanks for the great work! Is this kernel’s source available? I see many kernel sources here: https://www.linode.com/src/ but not 2.6.23.17-linode44.

    I was hoping to get the right headers so I can compile kernel modules on my Linodes!

    Reply
  11. Christopher Aker
    caker

    @Casey – that’s a UML kernel, which doesn’t support modules in our environment. If you need modules, submit a ticket and we’ll migrate your Linode to a Xen host.

    Reply
  12. Author Photo
    Casey

    Thanks for the advice! I rarely need to build kernel modules, but it would be nice and I doubt I’d notice the UML/Xen switch otherwise.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *