This is a brief advisory regarding a new Linux Exploit, CVE-2010-3847 which is a user space vulnerability that can result in root privilege escalation.

This is potentially exploitable via common services you may run on your VPS or Dedicated Server with us, such as a web server (i.e. via PHP / CGI scripts etc.) which of course makes it a highly dangerous vulnerability.

So far this vulnerability is known to affect RedHat based distributions such as CentOS and Fedora, but other distributions may also be affected.

Updated glibc packages are now available for RedHat/CentOS systems, please ensure your system is patched. If you are running a different Operating System, keep an eye on your OS Vendor's mailing lists.

Further detail regarding the exploit itself is available here:

http://www.securityfocus.com/archive/1/514366/30/0/threaded

Please Note:

* If you are a Shared or Reseller hosting customer, the servers you are hosted on are already patched.

Date Published : Saturday, October 23, 2010