CentOS Administration

Critical QEMU Vulnerability – VENOM – affects Xen, KVM, VirtualBox, XenServer

Posted by Curtis K in Administration May, 14 2015 No Comments

What is the VENOM vulnerability? A new vulnerability, dubbed "VENOM" has been discovered, which exploits the virtual floppy drive code in QEMU. This vulnerability potentially allows an attacker to break out of their VM (guest) and gain privileged access to the Host machine, and its guest VMs. The official website, which contains ... Read More...

CentOS Linux Kernel Update 2.6.32-504.16.2 Released

Posted by Curtis K in Administration May, 02 2015 2 Comments

CentOS 6 Linux kernel 2.6.32-504.16.2 was released on 22 April. Update type(s): security Resolved CVEs: CVE-2014-3215 CVE-2014-3690 CVE-2014-7825 CVE-2014-7826 CVE-2014-8171 CVE-2014-8884 CVE-2014-9529 CVE-2014-9584 CVE-2015-1421 * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid() ... Read More...

CentOS Linux Kernel Update 2.6.32-504.8.1 Released

Posted by Curtis K in Administration Jan, 30 2015 No Comments

CentOS 6 Linux kernel 2.6.32-504.8.1 has recently been released. Update type(s): security, bug fix Resolved CVEs: CVE-2014-4656 CVE-2014-7841 * A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger ... Read More...

CRITICAL glibc remote vulnerability exploit “GHOST” – patch glibc now!

Posted by Curtis K in Administration Jan, 28 2015 3 Comments

GHOST Exploit Summary A nasty new remote exploit has been discovered by Qualys. Without going in to too much detail, the exploit lies in the gethostbyname function in glibc. This function is used to convert DNS addresses in to IP addresses. More details from Qaulys. What versions are affected? All versions of glibc ... Read More...

CentOS Linux Kernel Update 2.6.32-504.3.3 Released

Posted by Curtis K in Administration Dec, 20 2014 No Comments

CentOS 6 Linux kernel 2.6.32-504.3.3 has recently been released. Update type(s): security, bug fix Resolved CVEs: CVE-2012-6657 CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-5471 CVE-2014-5472 CVE-2014-6410 CVE-2014-9322 * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate ... Read More...

CentOS Linux Kernel Update 2.6.32-504.1.3 Released

Posted by Curtis K in Administration Nov, 11 2014 5 Comments

CentOS 6 Linux kernel 2.6.32-504.1.3 has recently been released. Update type(s): security, bug fix Resolved CVEs: CVE-2014-3185 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * ... Read More...

Administration