CloudLinux - CloudLinux Blog - New privilege escalation vulnerability found in Linux kernel

New privilege escalation vulnerability found in Linux kernel

A race condition in the Linux kernel was disclosed today, August 3rd, 2017 (see CVE-2017-7533). It can be exploited to allow an unprivileged local user to gain root access to the server. Currently, there is a working exploit allowing privilege escalation on 32-bit kernels. It is unclear whether such an exploit exists for 64-bit kernels, but since these are affected by this race too, it is imperative to address the issue.

The vulnerability affects Linux kernels v3.14-rc1 up to v4.12. The KernelCare team, as always, is urgently working on releasing patches, with some distributions being promptly covered by the end of today, and most soon after (we will be updating the release schedule below). Major Linux distributions are releasing kernel updates with a fix, which requires a reboot. However, if you run KernelCare, you can livepatch your servers and protect yourself from critical vulnerabilities, including this one, without any downtime.

When you install KernelCare, whether a paid or a trial version, it will bring your kernels up-to-date with all patches instantly. It installs with a single line of code in just minutes, without a reboot, and it will ensure you never miss another kernel security patch as they will be automatically installed to your live kernel going forward.

If you’d like to update your kernels as soon as the fix is released, you can get KernelCare for free for 30 days here. To learn more about KernelCare, visit this page.

Timeline for patch releases for KernelCare:

  • CloudLinux OS 7 - released, Aug 3, 2017
  • CloudLinux OS 6 - not affected
  • CentOS 7 - released, Aug 3, 2017
  • CentOS 6 - not affected
  • Ubuntu 16.04 - released, Aug 4, 2017
  • Ubuntu 14.04 - released, Aug 4, 2017
  • RHEL 7 - released, Aug 3, 2017
  • RHEL 6 - not affected
  • CentOS 6 Plus - not affected
  • CentOS 7 Plus - released, Aug 3, 2017
  • CentOS 6 Alt - to be released
  • CentOS 7 Alt - to be released
  • Debian 7 - not affected
  • Debian 8 & 9 - to be released
  • Proxmox 3.10 - released, Aug 3, 2017
  • Proxmox 4.2/4.4 - to be released
  • Virtuozzo / OpenVZ 2.6.32 - not affected

The vulnerability was discovered by Fan Wu and Shixiong Zhao of the Department of Computer Science at The University of Hong Kong. To read more about it, please see CVE-2017-7533.

