CloudLinux Blog - Beta: CloudLinux 6 kernel with the fix for the Zombieload2 is available

Beta: CloudLinux 6 kernel with the fix for the Zombieload2 is available

b2ap3_large_mds2

CloudLinux 6 kernel with the fix for the Zombieload2 vulnerabilities is now available for download from our updates-testing repository.

To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog.

To secure your CloudLinux 6 servers, you should proceed as we did with the previous MSD vulnerability: update microcode along with the kernel update.

For CloudLinux 6, run the command:

yum upgrade -y microcode_ctl && yum install kernel-2.6.32-954.3.5.lve1.4.75.el6 --enablerepo=cloudlinux-updates-testing

Changelog

  • CKSIX-244: CVE-2018-12207
    • CKSIX-244: x86/bugs: Add ITLB_MULTIHIT bug infrastructure
  • CKSIX-244: CVE-2019-11135
    • x86/speculation/taa: Add sysfs reporting for TSX Async Abort
    • x86/speculation/taa: Add mitigation for TSX Async Abort
    • x86/cpu: Add the "tsx=" cmdline option with TSX disabled by default
    • x86/cpu: Add the helper function x86_read_arch_cap_msr()
    • x86/msr: Add the IA32_TSX_CTRL MSR
    • x86/boot: Add early cmdline parsing for options with arguments
    • x86/boot: Pass in size to early cmdline parsing
    • x86/boot: Simplify early command line parsing
    • x86/boot: Fix early command line parsing when partial word matches
    • x86/boot: Fix early command line parsing when matching at end
    • x86/boot: Carve out early cmdline parsing function
  • CKSIX-243: Make io stats available for reading
Beta: mod_lsapi PRO updated
Beta: alt-mod-passenger updated
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 20 January 2020

Captcha Image

By submitting your comment, you agree with Cloudlinux Privacy Policy