Ksplice Provides Patch for Linux Kernel Exploit CVE-2010-3081
It has been mentioned in many places on the web, that a vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges.
RedHat / CentOS
You can read the Redhat Bugzilla info associated with CVE-2010-3081 here: https://bugzilla.redhat.com/show_bug.cgi?id=634457.
Details from the bug report
The Red Hat Enterprise Linux 4 kernel is not affected by the publicly circulated exploit, but we plan to backport the missing compat_alloc_user_space() sanity checks in the future Red Hat Enterprise Linux 4 update.
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2010:0704 https://rhn.redhat.com/errata/RHSA-2010-0704.html
The following link has information related to Fedora 12/13/14: https://admin.fedoraproject.org/updates/search/CVE-2010-3081
You can read the Ubuntu Security Notice here: http://www.ubuntu.com/usn/usn-988-1
USN-988-1: Linux kernel vulnerabilities
Ubuntu Security Notice USN-988-1 September 17, 2010
linux, linux-source-2.6.15 vulnerabilities
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 10.04 LTS
Amazon Web Services
Amazon Web Services (AWS CVE-2010-3081) has additional detail on their security bulletins page
Amazon Linux AMI Security Advisory: ALAS-2010-1 Advisory Release Date: September 17, 2010 References: CVE-2010-3081, CVE-2010-3301 Severity: Important
If you are a customer of MNX Solutions and your systems support Ksplice, we have already patched your server. All systems enrolled in our Linux Server Management solution include KSplice at no additional charge. If you have any questions about your server status, please open a support case.
KSplice reacted very quickly to this situation, and is continuing to prove to it’s customers that it is a great solution for reasons just like this!