A new major local privilege escalation vulnerability in the Linux kernel was disclosed on March 7th by Alexander Popov (see CVE-2017-2636). It is a race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 that allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline and comes as a kernel module in many Linux distributions, which have CONFIG_N_HDLC=m in the kernel config.
This vulnerability affects many kernels. The KernelCare team, as always, is urgently working on releasing patches, with most distributions being promptly covered by the end of the day (Thursday, March 9th, 2017). Major Linux distributions are working on releasing kernel updates with a fix as well. RedHat and Debian already released updated kernels - however, they will require you to reboot servers. But if you run KernelCare, you can livepatch your servers and protect yourself from critical vulnerabilities, including this one, WITHOUT any downtime.
When you install KernelCare, whether a paid or a trial version, it will bring your kernels up-to-date with all patches instantly. It installs with a single line of code in just minutes, without a reboot, and it will ensure you never miss another kernel security patch as they will be automatically installed to your live kernel going forward.
If you’d like to update your kernels as soon as the fix is released, you can get KernelCare for free for 30 days here. To learn more about KernelCare, visit this page.