RHEL Kernel Security Update

Slavik · May 16, 2014

http://www.webhostingtalk.com/showthread.php?s=dd16c9b0e7b7411298cab49c0657a779&t=1374900

If your on CentOS 6 or OpenSuse you should do the following:

SSH in and run

Code:

uname -a

If you are running any of the following kernel versions: 2.6.31 to rc3 3.14.3 or 3:15 - rc5

run a yum or zypper update and then reboot your server

Liam W · May 16, 2014

So, 2.6.32-431.11.2.el6.x86_64 is safe then?

Andy.N · May 16, 2014

2.6.32-358.23.2.el6.x86_64

p4guru · May 16, 2014

read further down as well http://www.webhostingtalk.com/showpost.php?p=9116038&postcount=41

A direct quote from their bug tracker:

I can confirm that. Red Hat Enteprise Linux 6.4 EUS and Red Hat Enterprise Linux 6.5.z contain backport of upstream commit c56a00a165712fd73081f40044b1e64407bb1875 which added additional locking into tty_insert_flip_string() function which effectively avoids the CVE-2014-0196 issue.

Click to expand...

A couple of people, my self included, have attempted to "exploit" the issue, and so far no one has been successful.

See the bug report for more details on the tests.

So it would seem that up-to-date RHEL/CentOS 6.5 users are in the clear with no patches needed.

so if you're already up to date for RHEL/CentOS 6.5 you should be ok

RHEL Kernel Security Update

Slavik

XenForo moderator

Liam W

in memoriam 1998-2020

Andy.N

Well-known member

p4guru

Well-known member

Similar threads

We value your privacy