heads up: kernel regression in CentOS 2.6.32 and OpenVZ 2.6.18/2.6.32 kernels creates local DoS (reb

kaniini

Beware the bunny-rabbit!
Verified Provider
Rack911 posted a vulnerability to oss-security earlier this evening.

[temp removed]

We (my company) did some of the low-level debugging work on this vulnerability and developed an exploit which reliably triggered it.  It is a race condition related to RCU of kernel data structures in the IPv4 stack.

We decided to release it publicly because there was already POC code from a similar bug from 2003 that had about a 50% chance of whacking it anyway.

CVE number will be forthcoming.

Steven

New Member
Well, I guess this made it here. It all started with us trying to break betterlinux; after we discovered that an exploit from 2003 caused some odd behavior, we had kaniini take a look and he made it a fully reproducible PoC.

maounique

Active Member
So this is probably related to our node reboots for ovz. If this fixes it, then we can restart selling those :)

I always suspected there was some exploit and someone was running it randomly on a handful of nodes (very old nodes are not affected).

Also, oddly, after we took out the stock and decided not to sell ovz anymore, these reboots halved or so.
 

SeriesN

Active Member
Verified Provider
Dangit! Discovered it this weekend and was planning to update by next sunday but it is public now :(.
 

Francisco

Company Lube
Verified Provider
Dangit! Discovered it this weekend and was planning to update by next sunday but it is public now :(.
Been trying to get a ksplice to generate but it's being annoying. I've yet to build a 2.6.32 ksplice so I'm running into a few derps for sure.

Francisco
 

Francisco

Company Lube
Verified Provider
Sir,

You HAZ Ksplice?
Not on a paid subscription. We roll our own to patch things when we don't want to reboot 90 nodes. It's easier to distro a 100k patch than reboot everyone ;)

To date we've had to roll a half dozen or so ksplices, usually to fix deadlocks. Ksplice is giving me attitude over .32, though, so we'll see.

Francisco

SeriesN

Active Member
Verified Provider
Not on a paid subscription. We roll our own to patch things when we don't want to reboot 90 nodes. It's easier to distro a 100k patch than reboot everyone ;)


To date we've had to roll a half dozen or so ksplices, usually to fix deadlocks. Ksplice is giving me attitude over .32, though, so we'll see.


Francisco
Are you willing to "license" out your Ksplice and patches? I am sure some unfortunate soul would appreciate that.
 

Francisco

Company Lube
Verified Provider
Are you willing to "license" out your Ksplice and patches? I am sure some unfortunate soul would appreciate that.
Let me get this damn thing to compile properly before I start giving things away :p

Charging for open-source things is wrong, especially since kaniini wrote the patch my builds are based on.

Francisco
 

SeriesN

Active Member
Verified Provider
Let me get this damn thing to compile properly before I start giving things away :p


Charging for open-source things is wrong, especially since kaniini wrote the patch my builds are based on.


Francisco
Well, people charge for "PHP" and "linux" related works. Just saying ;)
 

Francisco

Company Lube
Verified Provider
Well, people charge for "PHP" and "linux" related works. Just saying ;)
The linux people charge for support :p Anyways, that's another subject altogether.

Right now I've patched against 76.8 and am just waiting for it to chew through. I've given the thing an E3 to run on, but it seems it isn't forking multiple threads like I was hoping.

Francisco
 

Aldryic C'boas

The Pony
Doesn't mean we work for free.. and no amount of caffeine or liquor is going to make me start believing that we should function as a free, public helpdesk <_<
 

SeriesN

Active Member
Verified Provider
Are you willing to "license" out your Ksplice and patches? I am sure some unfortunate soul would appreciate that.
 



Doesn't mean we work for free.. and no amount of caffeine or liquor is going to make me start believing that we should function as a free, public helpdesk
Me Tell before but Big Unicorn Said NOOOOOOOOOOOOOOOOOOOOOOOOOOOO
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
Is the 2.6.18 kernel line affected? Namely the latest stable version kernel.