topic Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM? in Operating System - Linux

What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Paul Mancillas — Mon, 21 Jul 2003 03:14:43 GMT

I just used up2date and Red Hat Network to update the kernel RPM from 2.4.7 to 2.4.20 but the new kernel panics because it won't work with the AIC-7770 SCSI driver. I can boot the old 2.4.7 kernel successfully. What is the risk of just booting and running on the old 2.4.7 kernel? Do I need to remove the 2.4.20 kernel RPM?

Thanks for your reply,

Paul Mancillas

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Steven E. Protter — Mon, 21 Jul 2003 03:36:58 GMT

The risk is low but significant.

Due to the way I layed out my production web server, it won't boot after kernel upgrades. I'm using raid 1 mirroring and have two ide drives hung off the same controller.

I'm planning on changing that.

The nice thing is that if the machine won't boot you can always boot off the old kernel

When the machine comes up after boot, you see a startup menu and just arrow down to the prior kernel and boot.

There is a file called /boot/grub/grub.conf

This lets you switch back to the old kernel as the automatic boot device.

The loaded kernels are listed in order and start with zero.

So the upgrade has a low risk and a built in backup plan.

SEP

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Cristian Draghici_1 — Mon, 21 Jul 2003 05:22:09 GMT

If your hardware is supported by an old kernel and not by a kernel update i guess you should write a bug report in the Redhat bugzilla.
Hopefully someone will fix it and you will be able to upgrade to a 2.4.20+ when it appears.

In terms of risk all the kernel changes are metioned in the errata of the kernel package. (if i remember correctly versions prior to 2.4.8 risk a spinlock causing ext3 corruption on SMP systems, the rest of the upgrades are (local user) security realted).

Cheers
Cristi

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Jerome Henry — Mon, 21 Jul 2003 05:48:48 GMT

Well,

There is a security issue in your kernel version, that make anyone able to use a buffer overflow on your kernel and such gain root privileges.

This can be done locally or remotely.

But, up to now, there is no known proof of concept, that is to say that a script kiddy wishing to experiment this on machines over the Internet can't find an easy program that would do this for him or her.

That is to say that if your machine is a personnal machine, connected from time to time, you have almost 0 risk.

If your machine is a web server connected continuously, then you should recompile the new kernel to suit with your SCSI driver.

If you choose to keep old kernel, then, as SEP said, remove in /boot all that concerns 2.4.20, remove reference in /boot/grub/grub.conf, and remove directory related to 2.4.20 in /usr/src.

hth.

J

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Caesar_3 — Mon, 21 Jul 2003 06:20:02 GMT

Hello!

The risk is exists that the rpm of kernel 2.4.20 replace some files that old kernel
need.
Because the use of rpm the kernel 2.4.20
depend on some other rpms like glibc 2.3
and new rpm so it could also have problems with the old kernel.

Caesar

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Balaji N — Mon, 21 Jul 2003 14:27:51 GMT

hi

if u are able to boot the kernel with an older version guess there are no isses. u can just leave it like that make the older version your default kernel version.

did u also upgrade any other depots along with this kernel. i think it will not be that way.

and until some one manually adds the kernel-* rpms, by default redhat doesnt update the kernel rpms automatically. so it is u are someone else with root access on this box has done this. first remove that.

cheers
-balaji