KernelCare Blog

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

A new vulnerability CVE-2016-8655 in the Linux kernel was discovered yesterday by Philip Pettersson. It is a race-condition in Linux (net/packet/af_packet.c) that can be exploited to gain kernel code execution from unprivileged processes. This exploit may lead to a privilege escalation, cause a denial of service attacks (server crash) and information leaks, give the ability to run codes with administrative privileges, and much more.

KernelCare already fixes these affected kernels:

  • Ubuntu 16.04
  • Ubuntu 14.04
  • RHEL 7
  • CentOS 7
  • CloudLinux OS 7
  • CloudLinux OS 7 Hybrid
  • CentOS 6 Plus
  • CentOS 7 Plus
  • CentOS 6 Alt
  • CentOS 7 Alt
  • Debian 7 & 8
  • Proxmox 3.10
  • Proxmox 4.2/4.4

If you have KernelCare, it will bring your kernels up-to-date with these patches automatically, without a reboot.

 

Topic: KernelCare Blog

1502 people viewed this

Comments

 
No comments yet

Leave your comment

Guest, Tuesday, 25 April 2017

Captcha Image