CloudLinux - CloudLinux Blog - We stopped the second Zombieload invasion

We stopped the second Zombieload invasion


The latest set of Intel CPU vulnerabilities, called Zombieload2, has been addressed by us here at CloudLinux. Our KernelCare service has already started delivering patches for it, ensuring that your servers are protected against it.

And I’m here to announce that CloudLinux 7 and CloudLinux 6 Hybrid kernel with the fix for the Zombieload2 vulnerabilities is now available for download from our updates-testing repository.

To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog.


To secure your CloudLinux 7 and CloudLinux 6 hybrid servers, you should proceed as we did with the previous MSD vulnerability: update microcode along with the kernel update.

For CloudLinux 7, run the command:

yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el7 --enablerepo=cloudlinux-updates-testing

For CloudLinux 6 Hybrid, run the command:

yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el6h --enablerepo=cloudlinux-hybrid-testing


  • CLKRN-542: fix CVE-2019–0155, CVE-2019–0154, CVE-2019-11135, CVE-2018–12207
  • CLKRN-539: CVE-2019-15098: ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
  • CLKRN-539: x86/speculation/mds: apply more accurate check on the hypervisor platform
  • CLKRN-539: hpet: fix division by zero in hpet_time_div()
  • CLKRN-539: sched/numa: Move task_numa_free() to __put_task_struct()
  • CLKRN-539: sched/fair: Don't free p->numa_faults with concurrent readers
  • CLKRN-539: tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
  • CLKRN-539: tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
  • CLKRN-539: sched/fair: don't assign runtime for throttled cfs_rq
  • CLKRN-539: signal/pid_namespace: fix reboot_pid_ns to use send_sig not force_sig
  • CLKRN-539: crypto: talitos - check AES key size
  • CLKRN-539: crypto: ghas - fix unaligned memory access in ghash_setkey()
  • CLKRN-539: x86/ptrace: fix possible spectre-v1 in ptrace_get_debugreg()
  • KMODLVE-292: preserve task's original umask when entering LVE
Kernel and kernel module for CloudLinux 7 hybrid u...
Beta: Alt-PHP74 updated

By accepting you will be accessing a service provided by a third-party external to

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.