CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.23 is now available for download from our updates-testing repository.
- CLKRN-342: fixed L1TF backport issues which lead to corrupt page tables.
- CLKRN-348: fixed CVE-2018-5391.
The Linux kernel version 3.9 and later is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment reassembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments.
- CLKRN-351: fixed kernel crashes in bcache.
- CLKRN-354: fixed CVE-2018-14634.
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system.
- ipvs: fixed infinite loop in ipvs when using ipvs in docker environment. Fixed race between ip_vs_conn_new() and ip_vs_del_dest().
To update a kernel, please use the following command.
yum install kernel-3.10.0-962.3.2.lve1.5.23.el7 --enablerepo=cloudlinux-updates-testing
CloudLinux 6 Hybrid:
yum install kernel-3.10.0-962.3.2.lve1.5.23.el6h --enablerepo=cloudlinux-hybrid-testing