Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

EGI CSIRT:Alerts/LinuxKernel-2014-07-04

From EGIWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
EGI-CSIRT web site EGI-CSIRT Public wiki EGI-CSIRT Contacts EGI-CSIRT Activities EGI-CSIRT Private wiki 


** WHITE information - Unlimited distribution allowed                       **  

** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions **

EGI CSIRT ADVISORY [EGI-ADV-20140625] 

Title:       EGI SVG Advisory 'High' RISK - CVE-2014-3153 Linux kernel privilege 
escalation vulnerability    [EGI-ADV-20140704] 

Date:        2014-07-04
Updated:     <date  yyyy-mm-dd>

URL:         https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/LinuxKernel-2014-07-04  

Introduction
============

This vulnerability allows privilege escalation, including escalation to 'root' and 
the ability to crash the kernel.

Previously EGI CSIRT sent a 'heads up' about this as a potential 'Critical' risk. 
However, no public exploit has been confirmed so it has been assessed as 'High' risk

This has now been fixed in RHEL6 and SL6

RHEL5 and it's derivatives are not affected. 



Risk category
=============

This issue has been assessed as 'High' risk by the EGI CSIRT team. 


Affected software
=================

RHEL6 and its deriviatives. 

For the SL6 the fixed kernel version is 2.6.32-431.20.3 
which was provided on 19th June 2014



Mitigation
==========

N/A. 


Component installation information
==================================

Sites should see the appropriate SL6 or RHEL6 documentation for further information. 


Recommendations
===============

Sites deploying RHEL6 and it's derivatives are recommended to update as soon as possible, 
if they have not done so already. 

Note that if you updated after 19th June you should already have a fixed version of the kernel. 

Credit
======

This vulnerability was found by EGI by Leif Nixon. 
It had originally been reported to Google by a Pinkie Pie.   



References
==========

[R 1] http://seclists.org/oss-sec/2014/q2/467

[R 2] http://seclists.org/oss-sec/2014/q2/469



Timeline 
========
Yyyy-mm-dd


2014-06-06 SVG and EGI CSIRT become aware of the vulnerability 
2014-06-10 Discussed at the EGI IRTF meeting and decided it was likely to become
           'critical' if a public exploit became available and a 'Heads up' 
            should be sent to sites.  
2014-06-11 'Heads up' sent to sites
2014-06-19 Updated packages available in RHEL6 
2014-06-19 Updated packages available in SL6 
2014-06-25 Risk assessed as 'High' 
2014-07-04 Advisory to update sent to sites
Retrieved from "https://wiki.egi.eu/w/index.php?title=EGI_CSIRT:Alerts/LinuxKernel-2014-07-04&oldid=68356"