- Support for latest CL6/CL5 hybrid kernel 2.6.32-531.23.3.lve1.2.66
- patches for CL5 hybrid kernel were re-compiled to ignore do_signal_stop symbol
- CentOS5/RHEL5 patches were recompiled to ignore tcp_recvmsg symbol
- CVE-2014-5077 patch was added for RHEL6/CentOS6 2.6.32-431.23.3, 2.6.32-431.29.2 and PCS/OpenVZ/Virtuozzo 042stab093.4 kernels
- PSBM-25929 fix for ext4: Add ioctl EXT4_IOC_SET_RSV_BLOCKS v2 was added for PCS/OpenVZ/Virtuozzo 042stab090.x kernels
You can manually update the server by running:
# /usr/bin/kcarectl --update
- CVE-2014-5077 net: SCTP: NULL pointer dereference
Linux kernel built with the support for Stream Control Transmission Protocol (CONFIG_IP_SCTP) is vulnerable to a NULL pointer dereference flaw. It could occur when simultaneous new connections are initiated between a same pair of hosts.
A remote user/program could use this flaw to crash the system kernel resulting in DoS.