Security Notices

2021-07-22 Sequoia (CVE-2021-33909): Linux Kernel filesystem layer Vulnerability

CVE-2021-33909: A new security vulnerability in the Linux Kernel known as Sequoia was publicly disclosed recently.

An out-of-bounds write flaw was found in the Linux kernel's seq_file in the filesystem layer. This flaw allows a local attacker with user privileges to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The issue results from not validating the size_t-to-int conversion prior to performing operations. The highest threat from this vulnerability is to data integrity, confidentiality and system availability.

Affected platforms

To check whether your system is vulnerable, run the command below and compare the reported kernel version with the fixed version for your platform:

$ uname -a

Debian 10 (Buster)

The Debian Buster kernel version should be equal to or greater than 4.19.194-3.

Ubuntu 18.04 LTS (Bionic Beaver)

The Ubuntu 18.04 kernel version should be equal to or greater than 4.15.0-151.157.

Ubuntu 20.04 LTS (Focal Fossa)

The Ubuntu 20.04 kernel version should be equal to or greater than 5.4.0-80.90.
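
The comparison above can be scripted. This is an added example, not part of the original notice: it extracts the kernel package version from `uname -a` output and compares it with the fixed versions listed above. The function names, the platform labels, the `uname -a` layouts shown in the comments and the use of GNU `sort -V` for ordering are assumptions.

```shell
#!/bin/sh
# Added example: fixed versions are the ones listed in this notice.

# version_ge A B: true when A >= B in GNU `sort -V` order.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# fixed_version PLATFORM: first fixed kernel version per the notice.
# Platform labels are hypothetical; CentOS has no version listed, so it fails.
fixed_version() {
    case "$1" in
        debian10)    echo "4.19.194-3" ;;
        ubuntu18.04) echo "4.15.0-151.157" ;;
        ubuntu20.04) echo "5.4.0-80.90" ;;
        *)           return 1 ;;
    esac
}

# kernel_pkg_version PLATFORM UNAME_A: package-style version from `uname -a`.
kernel_pkg_version() {
    case "$1" in
        debian10)  # assumed layout: "... #1 SMP Debian 4.19.194-3 (2021-07-18) ..."
            printf '%s\n' "$2" | sed -n 's/.* Debian \([^ ]*\) (.*/\1/p' ;;
        ubuntu*)   # assumed layout: "... 4.15.0-151-generic #157-Ubuntu ..."
            printf '%s\n' "$2" | sed -n \
              's/.* \([0-9][0-9.]*-[0-9]*\)-[a-z][^ ]* #\([0-9]*\)[-~][^ ]* .*/\1.\2/p' ;;
    esac
}

# check_kernel PLATFORM UNAME_A: 0 = patched, 1 = vulnerable, 2 = cannot tell.
check_kernel() {
    fixed=$(fixed_version "$1") || return 2
    have=$(kernel_pkg_version "$1" "$2")
    [ -n "$have" ] || return 2
    if version_ge "$have" "$fixed"; then
        echo "patched: $have >= $fixed"
        return 0
    fi
    echo "VULNERABLE: $have < $fixed"
    return 1
}

# Usage on a live host: check_kernel ubuntu20.04 "$(uname -a)"
```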

How to patch it

If your system is affected, follow the steps below for your platform.

Ubuntu and Debian

Run the following commands to patch the system and then reboot:

$ sudo apt-get update && sudo apt-get dist-upgrade
$ sudo reboot

CentOS

Run the following commands to patch the system and then reboot:

$ sudo yum update
$ sudo reboot

Status Update:

[2021-07-31] 99.91% of all VMs have been built and tested and are ready to be released in the different Marketplaces:

  • 100% for VMware Marketplace and IBM Cloud Catalog, 100% of images for Azure Marketplace, 100% for Google Cloud Marketplace and 100% for AWS Marketplace.
  • 100% of OS X VMs have already been released, as well as 100% of downloadable Virtual Machines (OVAs and VMDKs).
  • Multi-Tier solutions: 100% for AWS Marketplace, 100% for Google Cloud Marketplace and 96.15% for Azure Marketplace.

[2021-07-30] 99.34% of all VMs have been built and tested and are ready to be released in the different Marketplaces:

  • 98.34% for VMware Marketplace and IBM Cloud Catalog, 99.22% of images for Azure Marketplace, 100% for Google Cloud Marketplace and 100% for AWS Marketplace.
  • 100% of OS X VMs have already been released, as well as 99.64% of downloadable Virtual Machines (OVAs and VMDKs).

[2021-07-29] 96.85% of all VMs have been built and tested and are ready to be released in the different Marketplaces:

  • 95.16% for VMware Marketplace and IBM Cloud Catalog, 93.93% of images for Azure Marketplace, 99.19% for Google Cloud Marketplace and 97.26% for AWS Marketplace.
  • 98.95% of OS X VMs have already been released, as well as 97.58% of downloadable Virtual Machines (OVAs and VMDKs).

[2021-07-27] 89.91% of all VMs have been built and tested and are ready to be released in the different Marketplaces:

  • 90.32% for VMware Marketplace and IBM Cloud Catalog, 68.93% of images for Azure Marketplace, 95.16% for Google Cloud Marketplace and 94.52% for AWS Marketplace.
  • 94.87% of OS X VMs have already been released, as well as 94.82% of downloadable Virtual Machines (OVAs and VMDKs).

[2021-07-25] 86.13% of all VMs have been built and tested and are ready to be released in the different Marketplaces:

  • 88.7% for VMware Marketplace and IBM Cloud Catalog, 66% of images for Azure Marketplace, 91.6% for Google Cloud Marketplace and 93.1% for AWS Marketplace.
  • 92.7% of OS X VMs have already been released, as well as 93.4% of downloadable Virtual Machines (OVAs and VMDKs).

[2021-07-23] 60.51% of all VMs have been built and are ready to be published:

  • 58.87% for VMware Marketplace and IBM Cloud Catalog, 52.27% of cloud images for Azure Marketplace, 64.12% for Google Cloud Marketplace and 59.58% for AWS Marketplace.
  • 55.67% for OS X VMs and 62% of downloadable Virtual Machines (OVAs and VMDKs).

Once you have completed the steps above, you will have the fixed version of the kernel/operating system running on your server. If you have any questions about this process, you can visit our GitHub repository. We will be happy to help!

Last modification June 29, 2022