CentOS Linux 7 Kernel Update 3.10.0-123.4.4 Released
时间:2016-06-01 16:18 来源:www.it.net.cn 作者:IT网
CentOS 7 Linux kernel 2.6.32-431.20.5 has just been released.
Update type(s): security
Resolved CVEs:
CVE-2014-4699
CVE-2014-4943
* It was found that the Linux kernel’s ptrace subsystem allowed a traced process’ instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)
Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel’s PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)
Full details can be found here.
Updating the Kernel
You can either initiate a full yum update:
1
yum update
Alternatively, just update the kernel packages:
1
yum update "kernel-*"
As this update has just been released, your preferred CentOS yum mirror may not have the update yet. In this case. you may need to wait a few hours for the update to become available. Cached repo data can also prevent new updates from being found. To clear your yum cache, run:
1
yum clean all
(责任编辑:IT)
CentOS 7 Linux kernel 2.6.32-431.20.5 has just been released. Update type(s): security Resolved CVEs:
CVE-2014-4699 * It was found that the Linux kernel’s ptrace subsystem allowed a traced process’ instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important) Note: The CVE-2014-4699 issue only affected systems using an Intel CPU. * A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel’s PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important) Full details can be found here. Updating the KernelYou can either initiate a full yum update:
Alternatively, just update the kernel packages:
As this update has just been released, your preferred CentOS yum mirror may not have the update yet. In this case. you may need to wait a few hours for the update to become available. Cached repo data can also prevent new updates from being found. To clear your yum cache, run:
|