CloudLinux 6 and 7 Hybrid kernel updated
CloudLinux 7 and CloudLinux 6 Hybrid kernel have been updated to version 3.10.0-714.10.2.lve1.5.19.6 and are now available on all of our servers.
Changelog:
- KMODLVE-205: avoid LVE kernel module crash on cgroup double removal;
- CLKRN-348: fixed CVE-2018-5391.
The Linux kernel version 3.9 and later is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment reassembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments.
- CLKRN-351: fixed kernel crashes in bcache.
- CLKRN-354: fixed CVE-2018-14634.
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system.
- CLKRN-326: libiscsi: fixed iscsi_check_transport_timeouts possible infinite loop;
- CLKRN-315: fixed an issue with the task scheduling during cond_resched().
To update your CloudLinux 7 kernel manually, type in:
yum install kernel-3.10.0-714.10.2.lve1.5.19.6.el7
To update your CloudLinux 6 Hybrid kernel manually, type in:
yum install kernel-3.10.0-714.10.2.lve1.5.19.6.el6h
