CloudLinux OS Blog - Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated
CloudLinux OS Blog

Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.22 is now available for download from our updates-testing repository.

CVE list:

  • CVE-2018-3620, CVE-2018-3646
    Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.
  • CVE-2018-3639
    (aka “Speculative Store Bypass”) opens a new avenue (like Branch Misprediction) which can be exploited via speculative execution and cache-based side channel methods to bypass security measures and access privileged memory. This issue is similar to CVE-2017-5753 (aka “Spectre v1”), except it leverages Speculative Store Bypass memory optimization in place of Branch Misprediction used by Spectre v1.
  • CVE-2018-3665
    System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
  • CVE-2018-8781
    The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.

To update a kernel, please use the following command.

CloudLinux 7:

yum install kernel-3.10.0-962.3.2.lve1.5.22.el7 --enablerepo=cloudlinux-updates-testing

CloudLinux 6 Hybrid:

yum install kernel-3.10.0-962.3.2.lve1.5.22.el6h --enablerepo=cloudlinux-hybrid-testing
Imunify360 3.5.4 Beta is here
Imunify360 3.5.3 Beta is here
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 20 November 2019

Captcha Image