Kernel Exploit Upgrade

tronayne · 02-13-2008, 08:14 AM

OK, I'm a little confused (happens more and more often as time goes on). If I can figure out which patch to upgrade to (I'm not completely sure just which kernel I'm running; uname -r returns 2.6.21.5-smp which I think is the generic-smp-2.6.21.5_smp), I kind of think other things are going to get screwed up because I've added things (VMware Server, Cisco VPN, ATI drivers, etc.) and, well, I do not want to have to go through all that nonsense again if I don't have to.

One of the patches is the diff file for splice.c, which I assume is the problem in the first place, and I'm thinking I can just apply that patch and recompile the kernel using that patched file? When I install I copy the configuration file from the distribution media and compile the kernel using that configuration so, pretty much, it looks like just diff-ing splice.c, recompiling and installing might just doit toit. Or is there some good reason to figure out which patch file to upgrade to and sacrifice a blank CD-ROM or some other valuable commodity to the confuser gods?

Or, as some folks seem to suggest, just leave the blasted thing alone...

Thanks.

MS3FGX · 02-13-2008, 08:25 AM

It's not really going to matter, since regardless of how you update the kernel (recompiling with the patch or updating through the packages), anything that has compiled against the kernel will need to be rebuilt.

b0uncer · 02-13-2008, 08:27 AM

And the most visible things you do need to recompile are graphics card drivers, wireless drivers (if they weren't already in the kernel) and such.

dkpw · 02-13-2008, 08:53 AM

If you go to /boot and check the link status of vmlinuz and System.map that will confirm your kernel.

Remember to run lilo after the upgrade.

Regards,

dkpw

shadowsnipes · 02-13-2008, 08:57 AM

Quote:

Originally Posted by tronayne

OK, I'm a little confused (happens more and more often as time goes on). If I can figure out which patch to upgrade to (I'm not completely sure just which kernel I'm running; uname -r returns 2.6.21.5-smp which I think is the generic-smp-2.6.21.5_smp), I kind of think other things are going to get screwed up because I've added things (VMware Server, Cisco VPN, ATI drivers, etc.) and, well, I do not want to have to go through all that nonsense again if I don't have to.

One of the patches is the diff file for splice.c, which I assume is the problem in the first place, and I'm thinking I can just apply that patch and recompile the kernel using that patched file? When I install I copy the configuration file from the distribution media and compile the kernel using that configuration so, pretty much, it looks like just diff-ing splice.c, recompiling and installing might just doit toit. Or is there some good reason to figure out which patch file to upgrade to and sacrifice a blank CD-ROM or some other valuable commodity to the confuser gods?

Or, as some folks seem to suggest, just leave the blasted thing alone...

Thanks.

If you are just using the stock kernel images with no custom configuration then you don't have to use the patch. Just install the new package for your kernel (find the dl location in the Slackware security advisory).

Here's another related thread.

tronayne · 02-13-2008, 10:23 AM

Thanks for all the above (turns out it's huge-smp-2.6.21.5-smp).

I'm thinking update the server I don't care about too much and see what pitfalls pop up their ugly heads (I keep them all at the same levels of software, patches, packages, etc., etc.) and try to deal with it from there, sigh.