Dear Live Assist customers and partners
We have been made aware of the DirtyCOW vulnerability that may affect operating systems which host CaféX services.
While the risk of this affecting Live Assist products is very low, we do recommend you upgrade your Linux servers to the latest kernel.
A Race Condition has been found in the way the Linux kernel's memory subsystem handles read-only information. An unprivileged local user can use this flaw to gain write access to otherwise read-only memory, increasing their privileges on the system.
For details on the vulnerability see:
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
To check if your OS is vulnerable see:
https://www.redpacketsecurity.com/testing-dirty-cow-cve-2016-5195/
This issue affects most versions of Linux [RHEL & CentOS, Debian, Ubuntu], and requires local-machine access to invoke.
Fix the DirtyCOW vulnerability on a CentOS/RHEL/Fedora:
In order to protect your servers from CVE-2016-5195, perform a kernel update using the following command.
yum update kernel
reboot the server
After updating the kernel on your FAS & Media Broker servers, you must reboot the servers. The updated kernel will be used from the next system restart.
Comments
0 comments
Please sign in to leave a comment.