CloudLinux - CloudLinux Blog - KernelCare CVE-2014-9322 patch
RSS

KernelCare CVE-2014-9322 patch

Update: The patch has been released on Dec 18, 2014 at 1pm ET. You can read more about it here: http://www.cloudlinux.com/blog/clnews/kernelcare-local-privilege-escalation-patch-for-pcsopenvzcl6cl5hcentos.php

We have received numerous requests for CVE-2014-9322 patch. Right now we are running burn in tests that should finish in a few hours. This patch was the most complex patch so far. It was in assembler code, while most patches are in C, and it was altering how interrupt handlers work. It is highly unusual, and there were no such security patches in the past 3 years. We had to add special handing to our patch generation software to accommodate for that, and it took as significant amount of time to get there. While we started more then 24 hours before (4 days ago) any vendors released updated kernels, it is only now that we have a working patch. From now on we should be able to handle such patches with ease.

If you want to test the patch now, please, run (there is a slight chance of crash, as it burn in tests are yet to finish):
$ kcarectl --update --test

Or wait -- and within next 2-6 hours your system should get updated.

KernelCare local privilege escalation patch for PC...
Bugfix release: OptimumCache 0.2-15
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 18 June 2019

Captcha Image