To find out if your server is affected, check your kernel version.
If your version is earlier than the following, you are affected:
- 4.8.0-26.28 for Ubuntu 16.10
- 4.4.0-45.66 for Ubuntu 16.04 LTS
- 3.13.0-100.147 for Ubuntu 14.04 LTS
- 3.2.0-113.155 for Ubuntu 12.04 LTS
- 3.16.36-1+deb8u2 for Debian 8
- 3.2.82-1 for Debian 7
- 4.7.8-1 for Debian unstable
Some versions of CentOS can use this script provided by RedHat for RHEL to test your server’s vulnerability. To try it, first download the script.
- wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh
Then run it with
- bash rh-cve-2016-5195_1.sh
If you’re vulnerable, you’ll see output like this:
Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable. Red Hat recommends that you update your kernel. Alternatively, you can apply partial mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .
Fortunately, applying the fix is straightforward: update your system and reboot your server.
On Ubuntu and Debian, upgrade your packages using
- sudo apt-get update && sudo apt-get dist-upgrade
You can update all of your packages on CentOS 5, 6, and 7 with
sudo yum update, but if you only want to update the kernel to address this bug, run:
- sudo yum update kernel
Finally, on all distributions, you’ll need to reboot your server to apply the changes.
- sudo reboot