Operating System - Linux
1839268 Members
2780 Online
110137 Solutions
New Discussion

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

 
SOLVED
Go to solution
Paul Mancillas
Advisor

What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

I just used up2date and Red Hat Network to update the kernel RPM from 2.4.7 to 2.4.20 but the new kernel panics because it won't work with the AIC-7770 SCSI driver. I can boot the old 2.4.7 kernel successfully. What is the risk of just booting and running on the old 2.4.7 kernel? Do I need to remove the 2.4.20 kernel RPM?

Thanks for your reply,

Paul Mancillas
5 REPLIES 5
Steven E. Protter
Exalted Contributor

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

The risk is low but significant.

Due to the way I layed out my production web server, it won't boot after kernel upgrades. I'm using raid 1 mirroring and have two ide drives hung off the same controller.

I'm planning on changing that.

The nice thing is that if the machine won't boot you can always boot off the old kernel

When the machine comes up after boot, you see a startup menu and just arrow down to the prior kernel and boot.

There is a file called /boot/grub/grub.conf

This lets you switch back to the old kernel as the automatic boot device.

The loaded kernels are listed in order and start with zero.

So the upgrade has a low risk and a built in backup plan.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Cristian Draghici_1
Frequent Advisor

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?


If your hardware is supported by an old kernel and not by a kernel update i guess you should write a bug report in the Redhat bugzilla.
Hopefully someone will fix it and you will be able to upgrade to a 2.4.20+ when it appears.

In terms of risk all the kernel changes are metioned in the errata of the kernel package. (if i remember correctly versions prior to 2.4.8 risk a spinlock causing ext3 corruption on SMP systems, the rest of the upgrades are (local user) security realted).

Cheers
Cristi
Jerome Henry
Honored Contributor
Solution

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Well,

There is a security issue in your kernel version, that make anyone able to use a buffer overflow on your kernel and such gain root privileges.

This can be done locally or remotely.

But, up to now, there is no known proof of concept, that is to say that a script kiddy wishing to experiment this on machines over the Internet can't find an easy program that would do this for him or her.

That is to say that if your machine is a personnal machine, connected from time to time, you have almost 0 risk.

If your machine is a web server connected continuously, then you should recompile the new kernel to suit with your SCSI driver.

If you choose to keep old kernel, then, as SEP said, remove in /boot all that concerns 2.4.20, remove reference in /boot/grub/grub.conf, and remove directory related to 2.4.20 in /usr/src.


hth.

J
You can lean only on what resists you...
Caesar_3
Esteemed Contributor

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

Hello!

The risk is exists that the rpm of kernel 2.4.20 replace some files that old kernel
need.
Because the use of rpm the kernel 2.4.20
depend on some other rpms like glibc 2.3
and new rpm so it could also have problems with the old kernel.

Caesar
Balaji N
Honored Contributor

Re: What is the risk of using old kernel after updating to 2.4.20 kernel RPM?

hi

if u are able to boot the kernel with an older version guess there are no isses. u can just leave it like that make the older version your default kernel version.

did u also upgrade any other depots along with this kernel. i think it will not be that way.

and until some one manually adds the kernel-* rpms, by default redhat doesnt update the kernel rpms automatically. so it is u are someone else with root access on this box has done this. first remove that.

cheers
-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.