Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

EGI CSIRT:Alerts/kernel-2010-09-30

From EGIWiki
Revision as of 19:55, 30 September 2010 by Kouril (talk | contribs) (Created page with 'EGI CSIRT ADVISORY [EGI-ADV-20100930] Title: RHEL4 patch for CVE-2010-3081 kernel vulnerability Date: September 30, 2010 URL: https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/kernel-20…')
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

EGI CSIRT ADVISORY [EGI-ADV-20100930]

Title: RHEL4 patch for CVE-2010-3081 kernel vulnerability Date: September 30, 2010 URL: https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/kernel-2010-09-30

The recently discussed vulnerability CVE-2010-3081 has been fixed also in RHEL4 and its derivates (SL4/SLC4/CentOS4). We ask you please update all your vulnerable kernels as soon as possible, mainly those where users have access to (namely compute nodes, UI etc).

Although EGI CSIRT is not aware of any public exploit running on the RHEL4 family and thus will NOT enforce the 7-day mandatory patching policy, EGI CSIRT STRONGLY recommends sites to perform the update as soon as possible. EGI CSIRT will continue monitoring the situation. Should circumstance change we might re-enforce the 7-day mandatory patching policy at any time.

References:

SLC4: http://linux.web.cern.ch/linux/updates/updates-slc4.shtml#30.09.2010

SL4: http://listserv.fnal.gov/scripts/wa.exe?A2=ind1009&L=scientific-linux-errata&T=0&P=2161

RedHat: https://rhn.redhat.com/errata/RHSA-2010-0718.html

CentOS: http://lists.centos.org/pipermail/centos-announce/2010-September/017029.html

General information: https://access.redhat.com/kb/docs/DOC-40265