Wednesday, May 14, 2014

Security fix for Linux kernel

A new version of the Linux kernel has been recently released in all distributions to fix a memory-corruption security issue CVE-2014-0196. This issue allowed unprivileged users to crash or execute malicious code on vulnerable systems.

We strongly recommend that all Bitnami users upgrade their Linux kernel. The process for upgrading is slightly different for the various platforms, but note that for every Linux distribution it will be necessary to reboot the machine in order to use the new kernel version.

- Bitnami Ubuntu based virtual machines and cloud images: Log in the machine and run the following commands:

$ sudo apt-get update
$ sudo apt-get install linux-headers-virtual linux-image-virtual linux-virtual
$ sudo reboot

- Bitnami Red Hat and Amazon Linux based Cloud Images:

$ sudo yum update kernel
$ sudo reboot

After rebooting the server, you can check you are running a fixed kernel version with the following command:

$ uname -r

For those of you who use Ubuntu 12.04 ensure you are running the "3.2.0-61" version, for Red Hat 6 the "2.6.32-431.17.1" version and for Amazon Linux the "3.10.38-49.136" version.