Technical Staff Blog

Last update on .

Linux Security Reboot

Tstaff will be performing a department-wide reboot of Linux desktop machines at 5:30am tomorrow, Wednesday, January 20th, to apply an urgent security patch. Please be sure to log out of your machines before then.

A major vulnerability was announced today in versions 3.8 and higher of the Linux kernel. The details may be found here: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/

Debian 8 "Jessie", which is what most of our desktop machines are currently running, uses the Linux 3.16 kernel. The announcement of the Debian patch is here: https://www.debian.org/security/2016/dsa-3448 Machines running Debian 7 "Wheezy" are not affected, as they use Linux 3.2.

We will follow up on an individual basis with owners of VMs that are running Debian 8 "Jessie" to schedule reboots.

As always, please email problem@cs.brown.edu with any questions or concerns.