topic Re: Linux Kernel Version Question in Operating System - Linux

Linux Kernel Version Question

john guardian — Sat, 12 Sep 2009 14:19:45 GMT

I was reading a vulnerability document that referenced Linux 2.6.30.3 and earlier.

The kernel level on one of the local machines in the office is 2.6.9-89.0.7.

Just wondering "how" to interpret this kernel versioning, IE: is it 2.6.9.0.7 with some "fix" info related to to the -89 reference or does the -89 part of the kernel version number have some other meaning?

Any help/information would be appreciated.

Thanks.

Re: Linux Kernel Version Question

skt_skt — Sat, 12 Sep 2009 15:20:19 GMT

normally LINUX systems are in 2.4 on 2.6 dependig on the version. So look at the third digit then

here is an example from /etc/grub.conf and the most recent one is the top. It is pcied from 2.6 kernel version

title Enterprise Linux Enterprise Linux Server (2.6.18-53.1.21.2.1.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-53.1.21.2.1.el5 ro root=/dev/vg00/lvol1 crashkernel=128M@16M
initrd /initrd-2.6.18-53.1.21.2.1.el5.img

title Red Hat Enterprise Linux Server (2.6.18-53.1.13.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-53.1.13.el5 ro root=/dev/vg00/lvol1 crashkernel=128M@16M
initrd /initrd-2.6.18-53.1.13.el5.img

title Red Hat Enterprise Linux Server (2.6.18-53.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-53.el5 ro root=/dev/vg00/lvol1 crashkernel=128M@16M
initrd /initrd-2.6.18-53.el5.img

Re: Linux Kernel Version Question

john guardian — Sat, 12 Sep 2009 18:52:57 GMT

I don't see what your explanation has to do w/my question?

I asked what part the -89 number plays in the kernel version.

If you don't know, say so and maybe someone else will supply the answer.

Thanks.

Re: Linux Kernel Version Question

Ragu_3 — Sun, 13 Sep 2009 03:39:44 GMT

>> does the -89 part of the kernel version number have some other meaning?

The -89 part of the kernel version would be the build version of the mainline kernel
version 2.6.9 by the distribution vendor or community.

This build release -89 may have the vulnerability fix that you are anxious about,
if it has come with a recent date stamp.

Do refer to the distro vendor site for this paricular version release announcement.

Hth.

Re: Linux Kernel Version Question

skt_skt — Sun, 13 Sep 2009 11:24:33 GMT

Just read you personal quote. And happy that you are not in the surplus list.

Re: Linux Kernel Version Question

Matti_Kurkela — Sun, 13 Sep 2009 11:31:04 GMT

In other words, the kernel version 2.6.9-89.0.7 should be read as: distribution vendor's patchlevel 89.0.7 of Linux kernel source version 2.6.9.

When a kernel source version is chosen for a particular release of an "enterprise-grade" Linux distribution, that kernel version is usually fixed for the lifetime of the distribution. For example, RedHat chose 2.6.9 as the kernel version for RHEL4. Instead of always using Linus's newest kernel source, RedHat backports any necessary bug-fixes to their customized version of the 2.6.9 kernel.

If you want to know whether a particular security vulnerability is fixed or not, the kernel version 2.6.9 is not nearly enough information. You must check the security notes of your Linux distribution to see if the patch for the vulnerability you're interested in is backported from 2.6.30.4+ to your vendor's 2.6.9 patchelvel 89.0.7 or not.

Because you did not tell us the name of your Linux distribution or any information about the vulnerability you're interested in, I cannot find the exact information for you.

But looking at the Linux kernel changelogs of 2.6.30.4 at www.kernel.org, I see it lists fixes for two security vulnerabilities: CVE-2009-2406 and CVE-2009-2407. Both of these apply for eCryptfs, a particular type of encrypting filesystem. If you don't use eCryptfs and don't have its kernel module(s) loaded, these vulnerabilities don't apply to you.

eCryptfs is a pretty new project, so I believe it did not even exist back when RHEL4 was launched. So unless RedHat thought this particular type of encrypted filesystem as essential for enterprise-level users, it probably is not included in RHEL4.

MK

Re: Linux Kernel Version Question

john guardian — Sun, 13 Sep 2009 12:41:04 GMT

Thanks, MK. That's exactly what I was looking for.

BTW, the Linux vendor distro is RedHat (RHEL AS4). I don't typically touch the Linux systems as the Linux Admin is very touchy about anyone else (other than his backup) performing any maintenance.

Unfortunately, he's on his 3 week honeymoon and his backup quit two days after the primary admin left to take a gov't job.

Apparently, he gave two weeks notice but the company wasn't pleased...

Re: Linux Kernel Version Question

Matti_Kurkela — Sun, 13 Sep 2009 13:03:24 GMT

I thought the version number matched to one of the RHEL4's errata kernels.

But if it's RHEL4, that means the kernel is almost but not quite up-to-date: the latest kernel patch level for RHEL4 is 89.0.9, released on 21/08/09.

The RedHat errata document associated with the latest RHEL4 kernel is here (a valid RedHat Network account may be required):
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=8969

Check the versions and dates of the kernel-* packages here:
ftp://ftp.redhat.com/pub/redhat/linux/updates/enterprise/4AS/en/os/SRPMS/

MK