[COMPLETED] Scheduled maintenance - VPS Security Update: TCP SACK PANIC

Date: 13th July 2019

Time: 12:16 AM SGT


Maintenance Update:

Scheduled maintenance security update on  all Linux VPS servers has been completed. All VMs will now resume their operations without any noticeable  service impact.


==============


Dear Valued Customers,


**Only clients subscribed Linux VPS service will experience service disruption**


Date: 12th July 2019

Time: After 9.00 PM SGT
ETA:  1 hour for each server


Maintenance details:

As refer to the following Security announcement by Red Hat:

https://access.redhat.com/security/vulnerabilities/tcpsack


What is TCP SACK PANIC?

TCP SACK PANIC allows a remote attacker to trigger kernel panic on Linux kernels.


Our team will perform scheduled security update for the following servers:

Hostnamevirtualization typenodeid
ssdvps01kvm2
ssdvps02kvm4
ssdvps04kvm6
ssdvps05kvm7
ssdvps06kvm8
ssdvps07kvm10
ssdvps08kvm11
ssdvps09kvm12
ssdvps10kvm13
ssdvps11kvm15
sgxlssdvps01kvm14


Maintenance affects:
All services will be temporarily inaccessible during our reboot to apply new update.


How to check if your administrate virtual machine host under the affected server list?

In order to verify your operation virtual machine under the affected range, may refer to the step below.

  1. Login to client area login portal via portal (https://cybersite.com.sg/billing/clientarea.php

  2. Proceed to click on "Services" > "My Services" from the drop down option list. 

  3. Select and click on your active VPS service that intended to verify.

  4. Under the load out result, click on "Additional Information" tab. 

  5. The "nodeid" with the reference number shall turn up on your screen. 

  6. Verify  if the nodeid exists under above affected list. If the number match,  that implies your administrate virtual machine are under the  scheduled   maintenance list and disruption shall expect while the maintenance  window kick start.


REMINDER:

For VPS client, please access remotely via SSH (Putty) then apply the following command to update the patch
==========================
# yum update kernel
=========================
Server reboot is recommended after applying it.


After the update, please run the following command to check the status

====================

wget https://access.redhat.com/sites/default/files/cve-2019-11477--2019-06-17-1629.sh ; sh cve-2019-11477--2019-06-17-1629.sh

====================


The safe output will show as following:


Please do not hesitate to contact us by creating a ticket at Helpdesk if you have any enquiries regarding this maintenance exercise. 


Support Team

......................................
Technical Support Department