Heads-up from EGI: CVE-2016-5195

EGI CSIRT (Software vulnerability Group) has alerted us to a critical vulnerability in the linux kernel affecting most distros.

‘CRITICAL’ Risk CVE-2016-5195 Linux kernel privilege escalation EGI-SVG-CVE-2016-5195 A kernel vulnerability has been found concerning a race condition allowing an unprivileged local user to gain write access to otherwise read only mappings and increase their privilege in the system.

At present this is a ‘Heads up’. However sites running an OS where patches are available should urgently install the new version. (Currently Debian and Ubuntu.)

Actions required/recommended

  • Sites running an OS where patches are available (currently Debian and Ubuntu) are advised to install the new version within the next 7 days.
  • Machines allowing unprivileged user access, such as Grid Worker Nodes, should be prioritised.
  • At this stage a rolling update and reboot is recommended as sufficient.

Other sites, running an OS where patches are not available yet should prepare the update, which they will be required to apply within 7 days when new version will be available. Sites are also encouraged to investigate workarounds (e.g. systemtap) for systems with direct unprivileged user access, such as User Interfaces.

Sites failing to act and/or failing to respond to requests from the EGI CSIRT team risk site suspension.