An emergency kernel upgrade is scheduled for February 11th at 12 AM EST (-0500 GMT). This kernel upgrade will bring the servers to 184.108.40.206 and is mandatory to avoid a serious exploit within the kernel. While I do apologize for the quick kernel upgrades over the past few days, this cannot be avoided; further, the temporary fix tends to result in system instability, as was noted on 2 of the servers earlier today. More information will be available later tonight.
12:22 AM EST: one more exploit is out in the wild, which hasn’t been pushed upstream yet. Rebuilding kernels with custom patch in git; another reboot is coming up.
12:28 AM EST: the last patch has been applied and it looks like we’re good to go. This is a nasty set of easy exploits in the vmsplice section of the kernel, which is used all over the place such that it’s not something that can be removed.
There are three exploits, all of which affect the 2.6.17 – 220.127.116.11 branches of the Linux kernel. Unfortunately this means very high and easy penetration for attackers. If you work IT, then you have my sympathies tomorrow. It’s going to be a fun day for those who don’t keep up with security on the weekends. Although it doesn’t quite rival do_brk() in terms of notoriety, I have a hunch it’ll be an infamous bug for some time to come.
One final note: the RET “fix” can lead to system instability and is not recommended.