CRITICAL : One more kernel exploit known to the public

A continuation of the previous exploits. http://isec.pl/vulnerabilities/isec-0025-syscall-emulation.txt

Full disclosure is here: http://seclists.org/fulldisclosure/2010/Sep/268 and the mitigation is at http://seclists.org/fulldisclosure/2010/Sep/273

The links below give details about the 0-day exploit and how to test whether your system is exploitable. There is no need to panic, however: as you can see at the above link, this particular exploit had been with l33t hackers for the last 2 years. Now that it is public, take extra care if uname -m gives you x86_64.

http://sota.gen.nz/compat2/

http://sota.gen.nz/compat1/

There are two CVE candidates: CVE-2010-3081 and CVE-2010-3301. One will affect the server and the other doesn't.

A temporary solution would be to follow https://access.redhat.com/kb/docs/DOC-40265


How to recompile Kernel?

Kernel Recompilation

Compiling a custom kernel has its own advantages and disadvantages. It helps to optimize the kernel for your environment (hardware and usage patterns). I shall try to guide you through the kernel recompilation process.

Step 1:

Download the kernel source

cd /usr/local/src

wget  http://www.kernel.org/pub/linux/kernel/v2.6/linux-x.y.z.tar.bz2

Note: Replace x.y.z with actual version number.

Step 2:

Extract the source file

tar -xjvf linux-x.y.z.tar.bz2

Step 3:

Patching the Kernel

If you are requested to apply any patches, follow these steps:

a) Move the downloaded kernel patch to the /usr/local/src directory.

b) Extract the patch file.

c) Patch the kernel source using the extracted patch file.

cd /usr/local/src/linux-x.y.z

patch -p1 < patchfile-2.2.x

Now the kernel source is patched against known vulnerabilities.

Step 4:

Configuration

If you are trying to upgrade the kernel of an already running server, it is always better to use the existing configuration. To do this, follow these steps:

#uname -a
Linux  Server1  2.6.18-164.el5 #1 SMP Thu Sep 3 03:28:30 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux

# cd /boot

There you can see different configuration files as given below

#ls

config-2.6.18-128.el5    initrd-2.6.18-128.el5.img  message
config-2.6.18-164.el5     initrd-2.6.18-164.el5.img  quota.user*

Identify the configuration file corresponding to the version of the OS installed. In our case it is config-2.6.18-164.el5. We copy this file into the downloaded kernel source to use it during configuration. Clean the source tree first, because make mrproper deletes any existing .config in the tree.

# cd /usr/local/src/linux-x.y.z

# make clean

# make mrproper

# cp -p /boot/config-2.6.18-164.el5 .config

# make menuconfig

You have to select different options as per your need. If you intend to use the existing configuration, specify the path to the file (.config in this case) by selecting the option

“Load an Alternative configuration file”

Step 5: Compilation

Compile the Kernel using the following commands

Compile to create a compressed kernel image

# make

Compile kernel modules:

# make modules

Install kernel modules

# make modules_install

Step 6: Install Kernel

If the above steps completed without any errors, it is now time to install the new kernel.

# make install

This installs three files into the /boot directory and modifies your GRUB configuration file:

System.map-x.y.z

config-x.y.z

vmlinuz-x.y.z

Step 7:  Create the Initrd image

Type the following command :

# cd /boot

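# mkinitrd -o initrd.img-x.y.z x.y.z

The -o form shown here is the Debian-style mkinitrd syntax. The Red Hat mkinitrd takes the image file name and the kernel version as two positional arguments instead.

An initrd image contains the device drivers needed to load the rest of the operating system later on. Not all computers require it, but it is better to create one.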

Step 8: Boot Loader Modification

Modify the boot loader to boot the new kernel by default. Check the documentation for your boot loader.

Step 9: The last step

Execute the following command:

#reboot

Wait a few minutes and once it is up, you can see that the new kernel is loaded :-)
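Before running reboot in Step 9 on a remote server, it helps to confirm that Steps 6 to 8 left a bootable setup. The shell function below is an added example, not part of the original post; the function name check_kernel_install is hypothetical, and the initrd file name and boot loader config path are passed as arguments because they vary by distribution.

```shell
#!/bin/sh
# Pre-reboot sanity check for a freshly installed custom kernel (added example).
# Assumption: /boot file names follow the x.y.z pattern listed in Step 6.

# check_kernel_install BOOTDIR VERSION INITRD BOOTCONF
# Prints one line per problem; returns the number of problems (0 = OK to reboot).
check_kernel_install() {
    bootdir=$1 version=$2 initrd=$3 bootconf=$4
    problems=0

    # Step 6: the three files "make install" should have placed in /boot
    for f in "vmlinuz-$version" "System.map-$version" "config-$version"; do
        if [ ! -s "$bootdir/$f" ]; then
            echo "MISSING or empty: $bootdir/$f"
            problems=$((problems + 1))
        fi
    done

    # Step 7: the initrd image
    if [ ! -s "$bootdir/$initrd" ]; then
        echo "MISSING or empty: $bootdir/$initrd"
        problems=$((problems + 1))
    fi

    # Step 8: the boot loader config must reference the new kernel and initrd
    if [ ! -r "$bootconf" ]; then
        echo "UNREADABLE: $bootconf"
        problems=$((problems + 1))
    else
        for name in "vmlinuz-$version" "$initrd"; do
            # -F: dots are literal; -w: 9.9.9 must not match 9.9.90;
            # commented-out lines are ignored
            if ! grep -v '^[[:space:]]*#' "$bootconf" | grep -qwF -- "$name"; then
                echo "NOT REFERENCED in $bootconf: $name"
                problems=$((problems + 1))
            fi
        done
    fi
    return "$problems"
}

# Example call (config path is an assumption; adjust to your boot loader):
#   check_kernel_install /boot x.y.z initrd.img-x.y.z /boot/grub/grub.conf && reboot
```

Chaining the check with && means the reboot only happens when every file is present and the boot loader entry points at the new kernel.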
