[COMPLETED] Scheduled maintenance - VPS Security Update: TCP SACK PANIC
Date: 13th July 2019
Time: 12:16 AM SGT
Scheduled maintenance security update on all Linux VPS servers has been completed. All VMs will now resume their operations without any noticeable service impact.
Dear Valued Customers,
**Only clients subscribed Linux VPS service will experience service disruption**
Date: 12th July 2019
Time: After 9.00 PM SGT
ETA: 1 hour for each server
As refer to the following Security announcement by Red Hat:
What is TCP SACK PANIC?
TCP SACK PANIC allows a remote attacker to trigger kernel panic on Linux kernels.
Our team will perform scheduled security update for the following servers:
All services will be temporarily inaccessible during our reboot to apply new update.
How to check if your administrate virtual machine host under the affected server list?
In order to verify your operation virtual machine under the affected range, may refer to the step below.
Login to client area login portal via portal (https://billing.exabytes.sg/mypanel/clientarea.php)
Proceed to click on "Services" > "My Services" from the drop down option list.
Select and click on your active VPS service that intended to verify.
Under the load out result, click on "Additional Information" tab.
The "nodeid" with the reference number shall turn up on your screen.
Verify if the nodeid exists under above affected list. If the number match, that implies your administrate virtual machine are under the scheduled maintenance list and disruption shall expect while the maintenance window kick start.
For VPS client, please access remotely via SSH (Putty) then apply the following command to update the patch
# yum update kernel
Server reboot is recommended after applying it.
After the update, please run the following command to check the status
wget https://access.redhat.com/sites/default/files/cve-2019-11477--2019-06-17-1629.sh ; sh cve-2019-11477--2019-06-17-1629.sh
The safe output will show as following:
Please do not hesitate to contact us by creating a ticket at Helpdesk if you have any enquiries regarding this maintenance exercise.
Technical Support Department