Login Register

KernelCare - CVE-2014-3153 - another vulnerability patched

Patches for CVE-2014-3153 is available for CentOS, RHEL, CloudLinux & OpenVZ kernels. There is no exploit code available today from what we know, but it is possible that it will appear in the public any day now, and might be already sold on relavent forums.
We will provide more details on the exploit itself, once it is publish to general public by MITRE CVE Dictionary

There is no kernels yet for CentOS, RHEL & CloudLinux that fix this vulnerability. OpenVZ released updated kernel yesterday night. We plan to release updated kernel on Monday.

KernelCare customers can enjoy the safety right now.

Robin Kikkert
06/10/2014 13:16:28
Update uname
Hi Igor,

Are you also going to update kcarectl --uname to match the update with the kernel?
Because I'm writing a script that will check if the newest installed kernel is equal to kernelcare.

Thanks in advance!

With kind regards,

Link 0
Igor Seletskiy
06/11/2014 00:06:58
Yes, it will get updated - though not instantly. Usually either same day or next day.
Parent Link 0