CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.25.11 is now available for download from our updates-testing repository.
You can find more about TCP SACK PANIC vulnerability in this post.
Changelog:
- CLKRN-421: ratelimit memcg oom message entries to dmesg
- CLKRN-482: CVE-2019-11477: SACK Panic
- CLKRN-483: CVE-2019-11478: SACK Slowness or Excess Resource Usage
- CLKRN-485: CVE-2019-11479: Excess Resource Consumption Due to Low MSS Values
To update a kernel, please use the following command.
CloudLinux 7:
yum install kernel-3.10.0-962.3.2.lve1.5.25.11.el7 --enablerepo=cloudlinux-updates-testingCloudLinux 6 Hybrid:
yum install kernel-3.10.0-962.3.2.lve1.5.25.11.el6h --enablerepo=cloudlinux-hybrid-testing