This is an important announcement regarding the security of our servers. If you are on XEN Virtualization you don't have to worry about it as we are protected with ksplice (no reboot kernel patching system so all Xen node's effective kernel is already 2.6.18-194.11.4.el5xen) unless the node is compromised or we feel reboot is necessary to eliminate backdoors we will keep you posted, please stay tuned at our twitterspace!
So we will start updating kernels of all OpenVZ & cPanel nodes (Germany, NZ & USA - All Softlayer servers we operate) starting 5PM New Zealand Time (+12GMT), this will requires reboot so expect your server/website to be interrupted for about 15-30minutes.
Vulnerability Issues:
Two high-priority security issues have been identified in the 64-bit Linux kernel. One affects virtually all current versions of the 64bit Linux kernel including the kernels we run on our Xen host machines, and the other affects some systems but RedHat Enterprise Linux 5 & CentOS 5 are unaffected.
The issue affecting us since we run CentOS 5 64-bit on our Xen hosts is as follows (Source - RedHat Network):
"The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081,Important)"
Please follow-us on twitter to see which machine are upgrading at http://twitter.com/quickwebhosting
If you have questions please contact us by logging a Helpdesk ticket, at QuickWeb you can ensure servers are always in top shape as we know your business requires noting but stable & well maintained servers.
Â
Sincerely,
QuickWeb Hosting Team
Thursday, September 23, 2010
