Category: Announcements

All You Need to Know About GDPR

Businesses, large and small, are in the midst of preparing for compliance with the European Union’s new data privacy laws: The General Data Protection Regulation, or the GDPR, which will go into effect on May 25, 2018.

The GDPR is very broad in scope and can apply to businesses both in and outside of the EU. Businesses that don’t comply with the GDPR could face heavy fines.

Here’s what you need to know about the GDPR. (Note: You should consult your own legal counsel to determine if you are subject to the requirements of the GDPR.)

Important Announcement: ‘The Dirty Cow’ Linux Bug

A privilege escalation vulnerability branded “Dirty Cow” (CVE-2016-5195) was recently discovered in the Linux kernel and was fixed yesterday. It has existed for 11 years, so pretty much every device running Linux is affected (this includes VMs, physical machines, mobile devices, and so on) and, in general, distros from every vendor are affected. Fortunately, most major distributions have already released a fix. However, if you’re running an older server, please follow this tutorial to check and patch your server.

How to detect if you’re vulnerable:

Debian/Ubuntu

To find out if your server is affected, check your kernel version.

$ uname -rv

You’ll see output like this:

4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016

If your version is earlier than the following, you are affected:

4.8.0-26.28 for Ubuntu 16.10

4.4.0-45.66 for Ubuntu 16.04 LTS

3.13.0-100.147 for Ubuntu 14.04 LTS

3.2.0-113.155 for Ubuntu 12.04 LTS

3.16.36-1+deb8u2 for Debian 8

3.2.82-1 for Debian 7

4.7.8-1 for Debian unstable
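
As an added example (not part of the original tutorial or any vendor tool), the shell functions below turn `uname -rv` output on Ubuntu into the package-style version used in the list above and compare it with the fixed versions for the four Ubuntu releases. The function names are made up for this example, and the mapping assumes a stock Ubuntu kernel whose `uname -v` starts with `#N-Ubuntu`; Debian and backported kernels report `unknown`.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Fixed versions are the
# Ubuntu entries from the list above.

# "4.4.0-42-generic #62-Ubuntu SMP ..." -> "4.4.0-42.62"
# Assumes a stock Ubuntu kernel: the ABI comes from `uname -r` and the
# upload number from the "#N-Ubuntu" prefix of `uname -v`.
ubuntu_pkg_version() (
    release=${1%% *}
    abi=$(printf '%s\n' "$release" | sed -n 's/^\([0-9][0-9.]*-[0-9][0-9]*\).*/\1/p')
    upload=$(printf '%s\n' "$1" | sed -n 's/^[^#]*#\([0-9][0-9]*\)-Ubuntu.*/\1/p')
    # The body is a subshell, so exit only leaves this function.
    [ -n "$abi" ] && [ -n "$upload" ] || exit 1
    printf '%s.%s\n' "$abi" "$upload"
)

# Succeeds if version $1 is lower than $2, comparing each numeric field
# (a plain string comparison would rank 3.13.0-98 above 3.13.0-100).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "[.-]"); m = split(b, y, "[.-]")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# Prints vulnerable, patched or unknown for an Ubuntu release number
# and a `uname -rv` string.
dirtycow_status() (
    case $1 in
        16.10) fixed=4.8.0-26.28 ;;
        16.04) fixed=4.4.0-45.66 ;;
        14.04) fixed=3.13.0-100.147 ;;
        12.04) fixed=3.2.0-113.155 ;;
        *) echo unknown; exit 0 ;;
    esac
    running=$(ubuntu_pkg_version "$2") || { echo unknown; exit 0; }
    # A kernel from another series (e.g. a backport) is not covered by the list.
    [ "${running%%-*}" = "${fixed%%-*}" ] || { echo unknown; exit 0; }
    if version_lt "$running" "$fixed"; then echo vulnerable; else echo patched; fi
)

# Sample input: the uname output shown above, on Ubuntu 16.04.
dirtycow_status 16.04 "4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016"
```

Because `uname` reports the running kernel, a host that has installed the fixed package but has not yet rebooted still reports `vulnerable`.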

CentOS

If you’re on CentOS, you can use this script provided by Red Hat to test whether your server is vulnerable. To do so, first download the script.

wget https://access.redhat.com/sites/defa…2016-5195_1.sh

Then run it with bash.

bash rh-cve-2016-5195_1.sh

If you’re vulnerable, you’ll see output like this:

Output

Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.

How to fix the vulnerability:

Fortunately, applying the fix is straightforward: update your system and reboot your server.

Debian/Ubuntu

Update and upgrade your packages using apt-get.

sudo apt-get update && sudo apt-get dist-upgrade

You’ll need to reboot your server to apply the changes.

sudo reboot

CentOS

CentOS has released patched kernels for CentOS 6 and CentOS 7.

You can install the kernel using the following command:

yum install kernel*

You can also run a full yum update to update all the packages on the server:

yum update

The server should be rebooted after the installation to apply the changes.

As always, there are subtleties, potential defenses and configurations that may make this a non-issue for your specific situation, so we’ll leave the assessment up to you, but our general advice is to upgrade your kernels and reboot as soon as possible.

For the curious, here’s the patch from Linus Torvalds.

 

If you need any assistance, please contact our support team with the root password of the server. 

We hope this has been helpful and that you put the fixes in place as soon as possible.
