CloudLinux - CloudLinux Blog - KernelCare, Dirty Cow, systemtap and CentOS/RHEL/CL 5 - Important!!!
Blog

KernelCare, Dirty Cow, systemtap and CentOS/RHEL/CL 5 - Important!!!

The systemtap scripts recommended by RedHat https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13 and many other people as workaround against CVE-2016-5195 (a.k.a DirtyCow) might be ineffective against new variations of the attack like this one:

https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c

[correction Oct 22, 7:04am: this particular exploit uses ptrace, and our kernel team corrected me that so far the systemtap script that Redhat recommends does protect against all known potential vectors of attack]

What is more, we know that in some rare situations it can conflict with KernelCare and crash the server.
To eliminate those accidents, we are preparing automated systemtap/kprobe detection that will be baked into the patch. It was already in our CentOS/CL6 patches.
We are about 24 hours away from making that stable.

We understand that you need the protection now. So, in the next few hours, we will release our patches without systemtap/kprobe protection into the test repository.

 

IF YOU DON'T NEED IT NOW, JUST WAIT, AND YOU WILL BE SAFELY AND AUTOMATICALLY UPDATED WITHIN 24 HOURS


To receive those patches:
If you have installed systemtap script against DirtyCow, uninstall/unload it.
After that run:
$ echo "PREFIX=test" >> /etc/sysconfig/kcare/kcare.conf

After that, KernelCare will start taking updates from test repository.

This is a manual process specifically to let people with the systemtap script have a chance to remove those scripts and avoid crashes.
In the future - you will need to remove the PREFIX=test line from kcare.conf
and within 24 hours we will publish new patches that automatically detect the systemtap script.

 

Live patching for your custom kernel
Hosting Industry Survey is now closed. Stand by fo...
 

By accepting you will be accessing a service provided by a third-party external to https://www.cloudlinux.com/

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.