CloudLinux - CloudLinux Blog - Production: CloudLinux 7 and CloudLinux 6 Hybrid kernel with the fix for the Zombieload2 vulnerabilities is available
Blog

By accepting you will be accessing a service provided by a third-party external to https://www.cloudlinux.com/

Выделенное 

Production: CloudLinux 7 and CloudLinux 6 Hybrid kernel with the fix for the Zombieload2 vulnerabilities is available

b2ap3_large_mds_20191217-181904_1

CloudLinux 7 and CloudLinux 6 Hybrid kernel with the fix for the Zombieload2 vulnerabilities is now available for download from our production repository.

To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog.

Update

To secure your CloudLinux 7 and CloudLinux 6 hybrid servers, you should proceed as we did with the previous MDS vulnerability: update microcode along with the kernel update.

For CloudLinux 7, run the command:

yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el7

For CloudLinux 6 Hybrid, run the command:

yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el6h

Changelog

  • CLKRN-542: fix CVE-2019–0155, CVE-2019–0154, CVE-2019-11135, CVE-2018–12207
  • CLKRN-539: CVE-2019-15098: ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
  • CLKRN-539: x86/speculation/mds: apply more accurate check on the hypervisor platform
  • CLKRN-539: hpet: fix division by zero in hpet_time_div()
  • CLKRN-539: sched/numa: Move task_numa_free() to __put_task_struct()
  • CLKRN-539: sched/fair: Don't free p->numa_faults with concurrent readers
  • CLKRN-539: tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
  • CLKRN-539: tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
  • CLKRN-539: sched/fair: don't assign runtime for throttled cfs_rq
  • CLKRN-539: signal/pid_namespace: fix reboot_pid_ns to use send_sig not force_sig
  • CLKRN-539: crypto: talitos - check AES key size
  • CLKRN-539: crypto: ghas - fix unaligned memory access in ghash_setkey()
  • CLKRN-539: x86/ptrace: fix possible spectre-v1 in ptrace_get_debugreg()
  • KMODLVE-292: preserve task's original umask when entering LVE
MariaDB for MySQL Governor updated
Kernel module for CloudLinux 7 hybrid updated
 

Комментарии

Нет созданных комментариев. Будь первым кто оставит комментарий.
Уже зарегистрированны? Войти на сайт
Guest
04.07.2020

Изображение капчи