CloudLinux - CloudLinux Blog - KernelCare - RHSA-2014:0475-01

KernelCare - RHSA-2014:0475-01

New patches for RHEL 6, CentOS 6, OpenVZ and CloudLinux 6 kernels have been released, based on the RHEL upstream kernel kernel-2.6.32-431.17.1.el6.
Although it will take time before these patches are available in the standard OpenVZ and CloudLinux kernels, the fixes are already available to KernelCare users.

The following issues have been addressed:

CVE-2013-2851 - Kernel: AACRAID Driver compat IOCTL missing capability check

The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.
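
The missing-check pattern described above, as an added example that is not code from the kernel or from KernelCare: a simplified userspace C model in which one ioctl entry point enforces the capability and the compat entry point does not, next to the corrected compat path. `struct caller`, `CAP_SYS_RAWIO_BIT` and all function names are hypothetical, and the model assumes the native path already performs the check.

```c
/* Userspace model of a compat ioctl path that skips a capability check. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define CAP_SYS_RAWIO_BIT (1u << 0)   /* stand-in for the kernel's CAP_SYS_RAWIO */

struct caller { unsigned caps; };     /* hypothetical: capabilities of the calling task */

static bool capable(const struct caller *c, unsigned cap)
{
    return (c->caps & cap) != 0;
}

/* Shared worker behind both entry points; models privileged raw adapter I/O. */
static int do_raw_ioctl(unsigned cmd) { (void)cmd; return 0; }

/* Native entry point (assumed): refuses callers without the capability. */
int native_ioctl(const struct caller *c, unsigned cmd)
{
    if (!capable(c, CAP_SYS_RAWIO_BIT))
        return -EPERM;
    return do_raw_ioctl(cmd);
}

/* Compat entry point as the advisory describes it: the check is absent,
 * so a 32-bit caller reaches the same worker without the capability. */
int compat_ioctl_unchecked(const struct caller *c, unsigned cmd)
{
    (void)c;
    return do_raw_ioctl(cmd);
}

/* Corrected compat entry point: same gate as the native path. */
int compat_ioctl_checked(const struct caller *c, unsigned cmd)
{
    if (!capable(c, CAP_SYS_RAWIO_BIT))
        return -EPERM;
    return do_raw_ioctl(cmd);
}

int main(void)
{
    struct caller unpriv = { 0 };     /* constructed sample caller */
    printf("native:           %d\n", native_ioctl(&unpriv, 1));
    printf("compat unchecked: %d\n", compat_ioctl_unchecked(&unpriv, 1));
    printf("compat checked:   %d\n", compat_ioctl_checked(&unpriv, 1));
    return 0;
}
```

When auditing a driver for this class of bug, compare every entry point that reaches the same worker (native ioctl, compat ioctl, and any other dispatch path) and confirm each applies the same privilege gate.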

CVE-2014-0077 - kernel: vhost-net: insufficiency in handling of big packets in handle_rx()

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.

CVE-2014-2523 was addressed by earlier KernelCare patches and is not part of the current release.