How to patch RHEL5 servers for StackClash Vulnerability

About the StackClash vulnerability, there are some updates for RHEL6 systems, but not for RHEL5. Please, we need to know how to patch or what to do in order to avoid this vulnerability on RHEL5 systems.

Responses

RHEL 5 is End of Life; you need an Extended Update Subscription to get these kinds of patches. Migrating to RHEL 6 or RHEL 7 is the safest option, if your applications/databases are compatible with these newer versions of RHEL.

EUS won't cut it for this, you will need ELS or AUS.

ELS covers RHEL 5 until November 30, 2020 https://access.redhat.com/solutions/690063

Do you mean "Stack Guard Vulnerability" (https://access.redhat.com/security/vulnerabilities/stackguard)?

I see that the Red Hat page (above link) covers details for the RHEL5.x version as well; you would need to have an ELS subscription to get it working, as shown:

Red Hat Enterprise Linux 5 ELS* kernel  RHSA-2017:1482
Red Hat Enterprise Linux 5 ELS* glibc   RHSA-2017:1479
Red Hat Enterprise Linux 5.9 Advanced Update Support*** kernel  RHSA-2017:1483
Red Hat Enterprise Linux 5.9 Advanced Update Support*** glibc   RHSA-2017:1479

So, basically, for RHEL5.x systems which are affected by this, it is advised to upgrade the kernel to "kernel-2.6.18-420.el5" as per the "RHSA-2017:1482 - Security Advisory" (https://access.redhat.com/errata/RHSA-2017:1482). Otherwise, update to "kernel-2.6.18-348.33.2.el5" if it is AUS5.9 (https://access.redhat.com/errata/RHSA-2017:1483).

These updated kernel packages are not visible under downloads with a basic subscription. So, you may contact the sales team if required to activate an ELS subscription.

All the best!
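One way to check a host's kernel release against the fixed builds named in the reply above. This is an added example, not part of the thread and not Red Hat tooling; the function names, the `els`/`aus59` channel labels and the sample releases are assumptions made for illustration.

```shell
#!/bin/sh
# Fixed kernel builds quoted in the thread above.
FIXED_ELS="2.6.18-420.el5"          # RHSA-2017:1482 (RHEL 5 ELS)
FIXED_AUS59="2.6.18-348.33.2.el5"   # RHSA-2017:1483 (RHEL 5.9 AUS)

# "2.6.18-348.33.2.el5PAE" -> "2 6 18 348 33 2" (drops the .el5 suffix and flavour)
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/\.el5.*$//' -e 's/[.-]/ /g'
}

# release_ge A B: succeeds when release A is the same as or newer than B.
# Compared field by field so it does not depend on `sort -V`.
release_ge() {
    a=$(numeric_fields "$1"); b=$(numeric_fields "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%% *}; y=${b%% *}                     # first field of each list
        [ "$a" = "$x" ] && a="" || a=${a#* }       # drop that field
        [ "$b" = "$y" ] && b="" || b=${b#* }
        x=${x:-0}; y=${y:-0}                       # missing field counts as 0
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# kernel_status RELEASE CHANNEL: prints "patched" or "vulnerable".
# CHANNEL is a label made up for this example: els or aus59.
kernel_status() {
    case "$2" in
        els)   fixed=$FIXED_ELS ;;
        aus59) fixed=$FIXED_AUS59 ;;
        *)     echo "unknown-channel"; return 2 ;;
    esac
    if release_ge "$1" "$fixed"; then echo patched; else echo vulnerable; fi
}

# Constructed sample releases; on a real host: kernel_status "$(uname -r)" els
for sample in "2.6.18-419.el5 els" "2.6.18-420.el5PAE els" "2.6.18-348.30.1.el5 aus59"; do
    set -- $sample
    echo "$1 ($2): $(kernel_status "$1" "$2")"
done
```

`uname -r` reports the running kernel, so a host that has the fixed package installed but has not rebooted still shows as vulnerable. The glibc update (RHSA-2017:1479) is not checked here because the thread gives no fixed glibc version.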
