The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

This Kernel ok?

Discussion in 'General Discussion' started by xxkylexx, Apr 1, 2007.

  1. xxkylexx

    xxkylexx Well-Known Member

    Joined:
    Apr 29, 2006
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Hi guys,
    I am currently running a CentOS 4.4 Final, cPanel box. It is using kernel 2.6.9-42.0.8.ELsmp . Is there any problems with this kernel, or should it be ok? Want to make sure it is not vulnerable.

    Thanks,
    Kyle
     
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    2.6.9-42.0.8.ELsmp and 2.6.9-42.0.10.ELsmp seem fine for many weeks now
     
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    been using 2.6.9-42.0.10.ELsmp on RHEL 4 for about a month now, with no problems.

    Mickalo
     
  4. xxkylexx

    xxkylexx Well-Known Member

    Joined:
    Apr 29, 2006
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Ok, thank you.
     
  5. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    526
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Brno, Czech Republic
    2.6.10 kernels are exploitable by pretty many local exploits. careful if you wanna allow shell access, i would not run such a kernel version. don't tell me about centos backporting and stuff, simply not secure if you plan allowing shell access. it's a vanilla kernel, and can be broken easily and that's it.
     
  6. xxkylexx

    xxkylexx Well-Known Member

    Joined:
    Apr 29, 2006
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    We do not allow shell access on our accounts. And isn't this 2.6.9, not 2.6.10?
     
  7. student

    student Active Member

    Joined:
    Aug 9, 2006
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    2.6.9-42.0.8.ELsmp is OK, should work without any problems :)
     
  8. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    526
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Brno, Czech Republic
    all you have to take into account is that if your applications/apache/php are not hardened enough, and someone gets shell access, they WILL root your box, witout question. but that is just in theory, because can't tell how well the security goes with everyone.
     
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That's simply not true. RedHat do backport security fixes and update their kernels as soon as they're aware of any known exploits available for them. The root exploits you're referring to are the vanilla ones from kernel.org and they don't affect the latest ones from RedHat. All you need to do is to signup to the RedHat Errata mailing lists to follow such detail.
     
  10. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    526
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Brno, Czech Republic
    chirpy. need demonstration ? there are at least 4 public exploits for the mentioned kernels.
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I don't need a demonstration, just some facts. I'm quite prepared to believe you but you need to substantiate the claims with the relevant information. Can you please provide the 4 CVE numbers and the RedHat bugtraq entries that show that they're aware of the 4 local root exploits and that they are yet to be back-ported into their latest kernels, without both of those it's impossible to verify what you're claiming.
     
  12. ezztro

    ezztro Well-Known Member

    Joined:
    Nov 11, 2003
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    After an update from 4.4 to 4.5 ( not 5.0 ) and Kernel 2.6.9-42.xxx i have some errors:

    WARNING: Kernel Errors Present
    microcode: Error in the microcode ...: 1 Time(s)
    microcode: error! Bad data in mic ...: 1 Time(s)
     
  13. Tymsah

    Tymsah Well-Known Member

    Joined:
    Apr 6, 2007
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    we are using KErnel 2.6.9-55.ELsmp and CentOS 4.5 i686 - WHM X v3.1.0 without any problems.
     
Loading...

Share This Page