RHEL Kernel Security Update

[Slavik]

http://www.webhostingtalk.com/showthread.php?s=dd16c9b0e7b7411298cab49c0657a779&t=1374900

If your on CentOS 6 or OpenSuse you should do the following:

SSH in and run

uname -a

If you are running any of the following kernel versions: 2.6.31 to rc3 3.14.3 or 3:15 - rc5

run a yum or zypper update and then reboot your server

 

[Liam W]

So, 2.6.32-431.11.2.el6.x86_64 is safe then?

 

[Andy.N]

2.6.32-358.23.2.el6.x86_64

 

[p4guru]

read further down as well http://www.webhostingtalk.com/showpost.php?p=9116038&postcount=41

A direct quote from their bug tracker:

I can confirm that. Red Hat Enteprise Linux 6.4 EUS and Red Hat Enterprise Linux 6.5.z contain backport of upstream commit c56a00a165712fd73081f40044b1e64407bb1875 which added additional locking into tty_insert_flip_string() function which effectively avoids the CVE-2014-0196 issue.

A couple of people, my self included, have attempted to "exploit" the issue, and so far no one has been successful.

See the bug report for more details on the tests.

So it would seem that up-to-date RHEL/CentOS 6.5 users are in the clear with no patches needed.

so if you're already up to date for RHEL/CentOS 6.5 you should be ok